On Mon, 30 Jul 2007 11:48:16 -0700 Don Armstrong <[EMAIL PROTECTED]> wrote:
> Considering some of the question marks that have come up regarding > sponsored packages, I thought I'd create a little checklist based on > some of the things that I've seen go wrong. > > I thought I'd bounce it through you all before I sent it on to -devel. > > http://wiki.debian.org/SponsorChecklist Thanks, Don - that is very useful. > Determine if the package actually belongs in Debian > > * Is upstream active (alive)? Maybe it's just me (so I haven't put this into the Wiki yet) but I don't see a dead upstream as a blocker. I'd like to see that point qualified with regard to later sections on whether the proposed maintainer is judged capable of handling a package with a dead upstream. Yes, a dead upstream adds difficulties to package management but I have packages with a dead upstream including one where I have taken over upstream maintenance 8 years after the original upstream left it for dead. I have sponsored packages with a similar history. I have also looked at doing the same with certain packages with a dead upstream and left well alone. The state of the code is a better indicator than just the activity of upstream, IMHO. I look at compiler warnings during the build, code organisation and sane use of build tools - then make a decision about whether I can manage those issues. In my case, as long as it is C or Perl, not a kernel module or device driver and uses autotools in a sane manner, I'm usually happy to ignore the issue of a dead upstream. When sponsoring, I try to make the same judgement about the proposed maintainer. Comments? > Determine if the maintainer can actually maintain the package > > * What is the skill level of the maintainer? This is critical to packages with a dead upstream. > general > > * Is the package lintian/linda clean? Finally, what do other sponsors think about linda? Personally, I uninstalled it long ago as simply unreliable. Are there genuine issues that linda *can* find which lintian cannot? Is linda still riddled with false-positives and erroneous test results? Is linda worth using? -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
pgpzmTmly3xAy.pgp
Description: PGP signature