Defect Severities, part 2 - Debian

Summary
Classification used by Debian package developers

I talked a bit about defect severities and defect priorities. To get an alternative view, let’s take a look at how the guys at Debian handle defect severities. Debian uses a different approach as they are mostly concerned about the impact of defects in a specific Debian package on the release. Their severities are (as of Oct 2005):

• critical: makes unrelated software on the system (or the whole system) break, or causes serious data loss, or introduces a security hole on systems where you install the package.
• grave: makes the package in question unusable or mostly so, or causes data loss, or introduces a security hole allowing access to the accounts of users who use the package.
• serious: is a severe violation of Debian policy (roughly, it violates a “must” or “required” directive), or, in the package maintainer’s opinion, makes the package unsuitable for release.
• important: a bug which has a major effect on the usability of a package, without rendering it completely unusable to everyone.
• normal: the default value, applicable to most bugs.
• minor: a problem which doesn’t affect the package’s usefulness, and is presumably trivial to fix.
• wishlist: for any feature request, and also for any bugs that are very difficult to fix due to major design considerations.

On top of that they have the concept of release critical:

the bug will have an impact on releasing the package with the stable release of Debian

Any serious, grave or critical bug is considered release critical. This is the part I like, as it makes it somewhat easier to decide whether a bug found during testing should stop the release.