cAos principles and QA goals - a top-level outline 1. We will not infringe the encumbered intellectual property of others. 2. We strongly strive for base content free of exploits or security matters (either in the cAos internal build phase, and from trojaned content). 3. We strongly strive to provide updates for discovered exploits or security matters in a timely fashion. 4. We stay within a glibc and RPM level ABI - when compatibility cannot be maintained to satisfy the foregoing for 'core' or 'base' packages, a new caos-release lead version will be created. Several caos-releases may be active, for differing glibc, RPM and kernel tuples. 5. We seek agility and functionality to stay near stable upstream released packages. Such packages will first appear in the cAos 'Crazy' archive. 6. As a package is confirmed to work, and appears to be free of exploit, it will be 'certified' and GPG signed, and promoted into the 'Certified' archive. 7. A minimum archive also exists, called 'Chilled'. It contains a subset of 'Certified' which are without unresolved security matters, sufficient to provide a base system, and still 'strong' enough to be 'self-hosting' and to build all Daemon services and some Application layer packages. 8. When a package is retired from 'Certified' due to an un-solveable security matter, it is moved to the 'Coffin' and removed from 'Chilled' if it was present. When 'Chilled' can no longer satisfy the 'self-hosting' criteria, the caos-release will no longer be supported. 9. A caos-release may also be 'retired' from maintenance when a critical mass of maintainers no longer exists. CentOS principles and QA goals 1. We will not infringe the encumbered intellectual property of others. 2. Within the mainline base release and updates, we will simply rebuild without enhancement. 3. Forked fixpacks _may_ be issued, but this is largely not expected, and feature fixes will be largely left to the upstream maintainer. A 'Forked' update may represent a non-official security or functionality package, but is maintained in a separate archive and will NOT be accessible to a conventional base and update yum update, to avoid 'polluting' a host with a fork, absent conscious intent. 4. An Extras archive may exist, and will primarily consist of packages from cAos 'Certified' content. ---------------- Comment of this document is welcome; please direct it to: info@owlriver.com ---------------- Initial - RPH - 040112 Rev: RPH - 040112 - cooler/coffin fix laptop:~/caos/QA-requirements.txt external: http://www.herrold.com/caos/QA-requirements.txt ----------------