On Mon, 2006-03-20 at 15:45 -0800, Bret Towe wrote: > perhaps having some proxys of a sort that accept patchs and such > from trusted users that would commit fixes to portage would help. > similiar to the kernel format that way users can 'commit'/help out quickly > without having to go thru the long process of becoming a dev
Taking this idea a bit further, what about proxy maintainers? There seem to be quite a few packages that are being effectively maintained by users on bugzilla, but are not in portage because they don't have a maintainer. A developer could then take these ebuilds, make sure they don't do anything malicious, or break QA, or whatever, and act as the bridge between the portage tree and the users actually working on the ebuild and keeping things up to date and working. There could then be a bug for each such package where all the patches, ebuilds and version bumps could be posted. The developer who accepts the package could just take those ebuilds, maybe corrected if necessary, and commit them. If the ebuild breaks, it's up to the developer to fix it. If the package breaks, however, it would be up to the users on the bug to fix it, although of course the developer would be able to fix it if he or she could. If there doesn't seem to be anyone interested in keeping the package working anymore then it could be masked and subsequently removed as packages are now. If there are security problems and the fix is not trivial, it might be sensible to mask the package until someone can fix it rather than waiting for a fix to become available. If the developer working as the proxy disappeared, or retired, then the packages could be assigned back to maintainer-wanted (not maintainer-needed) but left in the tree until they broke, at which point they could be removed again unless anyone wants to pick them up. Similarly, if the users maintaining the package disappeared and the package broke, it could be masked and removed. This would seem to me to add more flexibility, and allow more ebuilds to get into the tree without breaking the tree or causing security problems. The only difference would be that the developer who took the package would not be responsible for making sure the program worked - that would be the responsibility of the users maintaining it in bugzilla. There should probably be some large, friendly warnings to inform anyone installing it that is the case, as well. What do you think? -- Jonathan Coome <[EMAIL PROTECTED]> Gentoo Forums Moderator -- gentoo-dev@gentoo.org mailing list
