On Fri, May 31, 2019 at 5:32 AM Holger Levsen wrote:
> LTS is accepted by the Debian community.
I'm not entirely sure this fully represents the range of feelings
about the LTS efforts.
There are a few things that are possibly concerning:
Freexian is essentially the only available-to-hire provider of
services for Debian LTS, as the Freeside link doesn't lead anywhere
useful. This means that Freexian essentially does not have any
competition in the provision of these services. Individuals or
companies who don't like Freexian's offering do not have any other
choices, short of going to the general Debian consultants list, who
may or may not have the needed skills and would take time to search
through.
https://wiki.debian.org/LTS/Funding
The funding breakdown for the LTS team appears to be 48% Freexian, 31%
volunteer/unknown, 21% other companies. I don't have any data on the
proportion of LTS work done by each of these groups, but I get the
feeling that the majority of LTS uploads are done by Freexian folks.
This means that if Freexian decides to end its provision of services
for Debian LTS, then the level of work done for LTS would go down
significantly. Were this to happen, it would either significantly
damage the image of Debian due to having to end the LTS effort or
require us to do work which we have had a hard time finding volunteers
for in the past.
https://wiki.debian.org/LTS/Team
There is strong coupling between Debian and Freexian in the language
on the Debian LTS pages and the Freexian pages. This is free
advertising for Freexian's LTS services and representing Freexian's
LTS services as "blessed" by Debian or somehow "official", which could
be objected to by other companies who might decide to provide security
support services. It may be prudent to remove or alter the language on
the Debian LTS pages.
https://wiki.debian.org/LTS/Funding
As far as I can tell, the sole communication between the LTS team and
the list of individuals/organisations doing consulting around Debian
is a mail attempting to recruit folks to work for Freexian. As far as
I can tell, there has been no suggestion that
individuals/organisations doing consulting around Debian add
themselves to the list of organisations available to hire to work on
LTS. This means that the individuals/organisations doing consulting
around Debian miss out on the opportunities to work on LTS.
https://www.debian.org/consultants/
https://lists.debian.org/msgid-search/20160502094142.ga19...@home.ouaza.com
Freexian doesn't fund LTS contributors who are not DDs/DMs: this
eliminates skilled developers from outside Debian who could contribute
to LTS via Freexian and eventually work on Debian more generally. This
seems to have prevented at least one former Debian member who was
interested in Freexian's offer from contributing. It might also make
LTS funding seem like a reward for Debian insiders.
https://www.freexian.com/services/debian-lts-details.html#join
https://lists.debian.org/msgid-search/calqvjpbwcpvr82jrmxmcwuga_mn7wot425-qftvpqpb7aa7...@mail.gmail.com
The structure of using existing Debian contributors and funnelling
most of the funding to them through one company reduces incentives for
companies wanting security support to direct their employees to work
on Debian security support. This means that our contributor base stays
more static and reduces the chance that new folks will join us. An
alternate model where each of the companies currently sponsoring
Freexian LTS services instead directed their employees to spend some
hours on Debian security support seems more likely to lead to new
people getting involved.
--
bye,
pabs
https://wiki.debian.org/PaulWise
