On 04/12/15 03:37, xor wrote: > On Thursday, December 03, 2015 05:12:37 PM Arne Babenhauserheide wrote: >> Am Mittwoch, 2. Dezember 2015, 14:34:41 schrieb Ian: >>> That being said, I do think the project would significantly benefit from a >>> new and much more engaged leader, ideally with project management >>> experience, but unfortunately such people do not grow on trees when you >>> need them to work voluntarily. Should we find such a person I would >>> support them in a heartbeat. >> I think that the project is moving nicely at the moment. Yes, we have >> less releases per year than back when we still had a paid core >> developer and maintainer, but there is great work done in many areas — >> and this month will see the first ever Freenet Hackathon. >> >> It feels like the Freenet developer community is more and more finding >> its rhythm after having to completely reshape its workflows 2 years >> ago when Matthew went to university. It feels like not a week passes >> without anyone announcing a new improvement on IRC, pull-requests get >> active reviews and are improved until they get merged, and the focus >> is on doing things which improve Freenet for its users. > I fully agree! > > We *have* a good leader with Steve: He does review code whenever it is > necessary, and he does make clear decisions. And people do follow his > decisions (which I admit was initially bad at, but I hope to have improved > and > continue improving). I agree, our volunteers are brilliant, especially Steve. However, the reason that stuff hasn't been merged is that we don't have the capacity to review it. This is because Steve is a volunteer. In the past it was because our previous leader (Ian) regarded code review as unimportant, but the wider community - at least me - refused to accept unreviewed code - and because a lot of the volunteer stuff was unfinished, especially GSoC projects. So I got on with the stuff believed to be important... Later on I made the opposite mistake of being too often distracted by would-be-maybe volunteers making complex technical demands.
Maybe we need to have a discussion about how to do code review. "Let Steve do everything" appears to be something of a bottleneck! > > The huge rants on the mailing list during the past few months are a very poor > representation of the state of the project. The fact that we have architectural problems which have been known about for years, warned about by qualified volunteer developers, and are now being actively exploited (unless the newspaper article is a plant), is also a very poor representation of the project. The reason this particular flamewar came up is that: - mrsteveman (different to Steve, but another established contributor) found the article (which we assume to be accurate) about US cops exploiting Freenet - I drafted an FAQ update about this, which was accepted, in the interests of honesty. - A relatively unknown poster complained about this. - I tried to find ways to resolve this, but as you say we've been over the whole opennet discussion many times before. I agree that this is a problem we've discussed before. Volunteers have warned about it, especially Florent. Our previous leader overruled all the warnings. There are good pragmatic reasons to have opennet, but unfortunately it is insecure against any reasonable threat model. This is a serious problem and we need some sort of strategy for dealing with it. Simultaneously we have another two crises: - We don't have the review capacity to deploy existing contributions, as mentioned above. - We have run out of money and had to drop our remaining paid developer. All in all there are good reasons to discuss project priorities, and especially how we can get away from opennet, and whether it can be saved. As long as such discussions eventually lead to action. Of course they don't, because the priorities and opinions of various key players are fundamentally incompatible, short of a major conceptual or technical breakthrough. > While the observation of Ximin and Arne that this could be a psy-ops attack > [1] does sound sort of paranoid, it is nevertheless an actual possibility: It > would be a lot easier and cheaper than any other attack. It doesn't require > the ability to write or understand code, you just need to be capable of > offense :) You think the newspaper article is a fabrication then? Maybe - but we do have another source for this, albeit vague. > As a productive alternate thing to do than those discussions, maybe > participate in code review - there are many pending pull requests, for > example > 32 fred ones: > https://github.com/freenet/fred/pulls Agreed. But it can't be *purely* collaborative - somebody does have to go over the final diff and apply it. That is potentially a bottleneck. ???
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
