Re: Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-07 Thread Mike Hommey 
On Sat, Jan 07, 2017 at 07:32:12PM +, Riku Voipio wrote:
> On Thu, Jan 05, 2017 at 02:32:45PM +0100, Christian Seiler wrote:
> > On 01/05/2017 02:06 PM, Jonas Smedegaard wrote:
> > > Quoting Riku Voipio (2017-01-05 12:53:16)
> > >> Vast majority of users would only install this via dependencies. It's 
> > >> hardly a node-specific problem that debian package searches output 
> > >> large amount of packages that are not useful unless you happen to be a 
> > >> programmer.
> > > 
> > > ...and I agree that the issue is not specific to node-* packages, but I 
> > > find it is quite common there.  Quite likely due to recent inclusion of 
> > > lots of packages, prepared semi-automated - as Philip pointed out very 
> > > well.
>  
> > Could we maybe hide library packages from apt searches by default? 
> 
> > I think most users don't care about libraries in any language (be it
> > Perl, C, JS, Python, ...), but only care about software they
> > use directly. And developers that do care about libraries could pass
> > a flag to APT to say "yeah, please show me all packages that match
> > this". And maybe even indicated how many library packages were not
> > shown in the default search results?
>  
> After some thinking, instead of hiding better to group by:
> 
> $ apt search gif
> 
> [ GUI applicatoins ]
> gimp
> mirage
> ...
> [ CLI applications ]
> gif2png 
> gnuift
> imagemagick
> ..
> [ programming libraries ]
> libgif
> libsdl-image
> python-pil
> ..
> [ documentation ]
> libgif-doc 
> ...
> $ 
> 
> I think the data for grouping can be theoretically mined from debtags.

I think one of the main problems with `apt(-cache) search` is that what
it takes is a regexp, and that most of the time, you're better served by
doing your search with \b as both prefix and suffix.

$ apt-cache search '\bgif\b' | wc -l
138
$ apt-cache search gif | wc -l
198

More extreme example, which actually happened to me a couple days ago
because I was checking whether there is a package for the KAGE engine (a
glyph generator for chinese characters ; http://fonts.jp/engine.html)

$ apt-cache search kage | wc -l
31104
$ apt-cache search '\bkage\b' | wc -l
1

Mike

Re: Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-07 Thread Riku Voipio 
On Thu, Jan 05, 2017 at 02:32:45PM +0100, Christian Seiler wrote:
> On 01/05/2017 02:06 PM, Jonas Smedegaard wrote:
> > Quoting Riku Voipio (2017-01-05 12:53:16)
> >> Vast majority of users would only install this via dependencies. It's 
> >> hardly a node-specific problem that debian package searches output 
> >> large amount of packages that are not useful unless you happen to be a 
> >> programmer.
> > 
> > ...and I agree that the issue is not specific to node-* packages, but I 
> > find it is quite common there.  Quite likely due to recent inclusion of 
> > lots of packages, prepared semi-automated - as Philip pointed out very 
> > well.
 
> Could we maybe hide library packages from apt searches by default? 

> I think most users don't care about libraries in any language (be it
> Perl, C, JS, Python, ...), but only care about software they
> use directly. And developers that do care about libraries could pass
> a flag to APT to say "yeah, please show me all packages that match
> this". And maybe even indicated how many library packages were not
> shown in the default search results?
 
After some thinking, instead of hiding better to group by:

$ apt search gif

[ GUI applicatoins ]
gimp
mirage
...
[ CLI applications ]
gif2png 
gnuift
imagemagick
..
[ programming libraries ]
libgif
libsdl-image
python-pil
..
[ documentation ]
libgif-doc 
...
$ 

I think the data for grouping can be theoretically mined from debtags.

Riku

Re: Worthless descriptions for almost all of the recent node-* ITPs (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-06 Thread Holger Levsen 
Hi Praveen,

On Fri, Jan 06, 2017 at 10:16:37AM +0100, Philip Hands wrote:
> Hi Praveen,
> 
> I assume that all these ITPs are prompted by your crowd-funding effort.
> 
> Today we have #850399 which plumbs new depths in that it has had both
> long and short descriptions trimmed from the body of the message.
> 
> Please would you take responsibility for your packaging team by
> instructing them that it is simply unacceptable to have these packages
> with such useless descriptions.
> 
> The fact that they all seem to be trimming off the FIX_ME that npm2deb
> includes for them, and are thus also removing the explanation of what
> Node.js is, seems like vandalism to me.  Did you tell them to do that,
> or are they learning that from one another?
> 
> TBH I find this whole approach rather worrying.
> 
>   Are you paying these people for their efforts?
> 
>   Are we supposed to expect them to remain interested in these packages
>   when the money dries up?
> 
>   If not, what is the plan for providing maintenance for these packages
>   for the time that they are going to be in stable?
> 
> Cheers, Phil.
> 
> P.S. While you're at it, I would suggest that you encourage your
> packaging team to contact the upstreams in order to discover whether
> they are happy for their current release to be preserved in Debian
> stable -- I can imagine that some of them might be unhappy with the
> prospect of having the latest release packaged, if there are bug fixes
> in the HEAD that they don't want bug reports about for the next 5 years.
> They could then push out a release quickly and you could package that
> instead.

fully seconded, after reading #850399 (no description at all) and #850398
and #850397 just now (and many similar useless descriptions before), I'm
really curious for your answers to Philip's question above.

   Are you paying these people for their efforts?
 
   Are we supposed to expect them to remain interested in these packages
   when the money dries up?
 
   If not, what is the plan for providing maintenance for these packages
   for the time that they are going to be in stable?

Please elaborate.


-- 
cheers,
Holger


signature.asc
Description: Digital signature

Re: Worthless descriptions for almost all of the recent node-* ITPs (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-06 Thread Philip Hands 
Hi Praveen,

I assume that all these ITPs are prompted by your crowd-funding effort.

Today we have #850399 which plumbs new depths in that it has had both
long and short descriptions trimmed from the body of the message.

Please would you take responsibility for your packaging team by
instructing them that it is simply unacceptable to have these packages
with such useless descriptions.

The fact that they all seem to be trimming off the FIX_ME that npm2deb
includes for them, and are thus also removing the explanation of what
Node.js is, seems like vandalism to me.  Did you tell them to do that,
or are they learning that from one another?

TBH I find this whole approach rather worrying.

  Are you paying these people for their efforts?

  Are we supposed to expect them to remain interested in these packages
  when the money dries up?

  If not, what is the plan for providing maintenance for these packages
  for the time that they are going to be in stable?

Cheers, Phil.

P.S. While you're at it, I would suggest that you encourage your
packaging team to contact the upstreams in order to discover whether
they are happy for their current release to be preserved in Debian
stable -- I can imagine that some of them might be unhappy with the
prospect of having the latest release packaged, if there are bug fixes
in the HEAD that they don't want bug reports about for the next 5 years.
They could then push out a release quickly and you could package that
instead.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Re: Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-05 Thread Nicholas D Steeves 
On Fri, Jan 06, 2017 at 10:01:38AM +0800, Paul Wise wrote:
> On Thu, Jan 5, 2017 at 9:32 PM, Christian Seiler wrote:
>
> > Could we maybe hide library packages from apt searches by default?
>
> This is going to have unintended consequences; for example, if we base
> it on Debian Section fields, library source packages that build a
> binary package containing tools, that are (incorrectly) put into the
> libs section, will not be found by users.

If ever something like this does go through, would it be possible to
limit it to UIDs != 0?  Eg: Hiding lib packages would be limited to
'apt-cache search' called as a non-root user without using sudo.

> > I think most users don't care about libraries in any language (be it
> > Perl, C, JS, Python, ...), but only care about software they
> > use directly. And developers that do care about libraries could pass
> > a flag to APT to say "yeah, please show me all packages that match
> > this". And maybe even indicated how many library packages were not
> > shown in the default search results?
>
> How would you propose to implement that? apt currently doesn't have
> enough metadata about packages to say if they are end-user tools or
> not, and it depends on the user which tools are acceptable. For
> example; some folks can deal with the command-line but the majority of
> humanity cannot, some folks dislike particular GUI toolkits, etc.

Isn't this something the "GNOME Software" application addresses?
Additionally, thought I'm at least two years out of date with
packagekit news/status/frustrations, I wonder if it already has one
half of a distro-agnostic method to implement this...

Cheers,
Nicholas

Re: Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-05 Thread Paul Wise 
On Thu, Jan 5, 2017 at 9:32 PM, Christian Seiler wrote:

> Could we maybe hide library packages from apt searches by default?

This is going to have unintended consequences; for example, if we base
it on Debian Section fields, library source packages that build a
binary package containing tools, that are (incorrectly) put into the
libs section, will not be found by users.

> I think most users don't care about libraries in any language (be it
> Perl, C, JS, Python, ...), but only care about software they
> use directly. And developers that do care about libraries could pass
> a flag to APT to say "yeah, please show me all packages that match
> this". And maybe even indicated how many library packages were not
> shown in the default search results?

How would you propose to implement that? apt currently doesn't have
enough metadata about packages to say if they are end-user tools or
not, and it depends on the user which tools are acceptable. For
example; some folks can deal with the command-line but the majority of
humanity cannot, some folks dislike particular GUI toolkits, etc.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

Re: Worthless descriptions for almost all of the recent node-* ITPs (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-05 Thread Philip Hands 
Christian Seiler  writes:

> On 01/05/2017 02:06 PM, Jonas Smedegaard wrote:
>> Quoting Riku Voipio (2017-01-05 12:53:16)
>>> Vast majority of users would only install this via dependencies. It's 
>>> hardly a node-specific problem that debian package searches output 
>>> large amount of packages that are not useful unless you happen to be a 
>>> programmer.
>> 
>> ...and I agree that the issue is not specific to node-* packages, but I 
>> find it is quite common there.  Quite likely due to recent inclusion of 
>> lots of packages, prepared semi-automated - as Philip pointed out very 
>> well.
>
> Could we maybe hide library packages from apt searches by default?

I think you are perhaps misinterpreting my original subject line as
saying that the node packages themselves are somehow not of interest.

Sorry for not making that clearer in the original subject, perhaps the
new one is better?

I was only referring to the quality of the descriptions -- I don't know
enough about node.js to comment on the merit of the packages themselves,
nor their likelihood of being of interest to people.

The example I picked out was laughably useless, but most of them are
packed with field-specific jargon in the short description, and lack a
long description.

We (as a group) appear to be learning to treat "node-*" as a flag
indicating that one does not need to pay attention.  That would seem to
be the reason that these ITPs mostly go without comment, and thus the
package gets uploaded with the same flaws.

I encourage people to take a closer look, and to comment on what they
find -- I've only scratched the surface, and have had a pretty good
hit-rate finding things (in addition to the missing descriptions) that
are worth commenting on.

Cheers, Phil.
-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature

Re: Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-05 Thread Jonas Smedegaard 
Quoting Christian Seiler (2017-01-05 14:32:45)
> On 01/05/2017 02:06 PM, Jonas Smedegaard wrote:
>> Quoting Riku Voipio (2017-01-05 12:53:16)
>>> Vast majority of users would only install this via dependencies. 
>>> It's hardly a node-specific problem that debian package searches 
>>> output large amount of packages that are not useful unless you 
>>> happen to be a programmer.
>> 
>> ...and I agree that the issue is not specific to node-* packages, but 
>> I find it is quite common there.  Quite likely due to recent 
>> inclusion of lots of packages, prepared semi-automated - as Philip 
>> pointed out very well.
>
> Could we maybe hide library packages from apt searches by default? I 
> think most users don't care about libraries in any language (be it 
> Perl, C, JS, Python, ...), but only care about software they use 
> directly. And developers that do care about libraries could pass a 
> flag to APT to say "yeah, please show me all packages that match 
> this". And maybe even indicated how many library packages were not 
> shown in the default search results?

Sounds like a nice UI improvement if package managers could 
(optionally!) skip package sections considered less relevant.

In my opinion that does not, however, change the need for package 
descriptions to be generally understandable, no matter the package 
section.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

Hiding library packages from apt searches by default? (was: Re: Worthless node-* package descriptions in ITPs)

2017-01-05 Thread Christian Seiler 
On 01/05/2017 02:06 PM, Jonas Smedegaard wrote:
> Quoting Riku Voipio (2017-01-05 12:53:16)
>> Vast majority of users would only install this via dependencies. It's 
>> hardly a node-specific problem that debian package searches output 
>> large amount of packages that are not useful unless you happen to be a 
>> programmer.
> 
> ...and I agree that the issue is not specific to node-* packages, but I 
> find it is quite common there.  Quite likely due to recent inclusion of 
> lots of packages, prepared semi-automated - as Philip pointed out very 
> well.

Could we maybe hide library packages from apt searches by default? I
think most users don't care about libraries in any language (be it
Perl, C, JS, Python, ...), but only care about software they
use directly. And developers that do care about libraries could pass
a flag to APT to say "yeah, please show me all packages that match
this". And maybe even indicated how many library packages were not
shown in the default search results?

Regards,
Christian

PS: I'm throwing this idea in as a general idea, I don't think this
is something for Stretch though, we're far too late in the release
cycle for that.

Re: Worthless node-* package descriptions in ITPs

2017-01-05 Thread Jonas Smedegaard 
Quoting Riku Voipio (2017-01-05 12:53:16)
> On Thu, Jan 05, 2017 at 10:53:36AM +0100, Philip Hands wrote:
>> At present you are forcing that vast majority of our users, that have 
>> no interest in this software, to individually learn that they need to 
>> look out for the node- prefix, and ignore such packages.

Thanks, Philip, for raising this concern.  I agree with it.


> Vast majority of users would only install this via dependencies. It's 
> hardly a node-specific problem that debian package searches output 
> large amount of packages that are not useful unless you happen to be a 
> programmer.

...and I agree that the issue is not specific to node-* packages, but I 
find it is quite common there.  Quite likely due to recent inclusion of 
lots of packages, prepared semi-automated - as Philip pointed out very 
well.


> The only people installing node libs directly would be node 
> developers, for whom matching description with upstream project is 
> valuable. If the description is not useful for developer either ( for 
> example "Itty bitty little widdle twinkie pinkie" ), better propose 
> the upstream project a more concise description, than to carry extra 
> delta in debian.

It seems you argue that package descriptions need not make sense beyond 
the package section they belong to.  I disagree, and it seems Debian 
Policy disagrees too - see § 3.4:

> The description should describe the package (the program) to a user 
> (system administrator) who has never met it before so that they have 
> enough information to decide whether they want to install it.  This 
> description should not just be copied verbatim from the program's 
> documentation.

 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/

 [x] quote me freely  [ ] ask before reusing  [ ] keep private

Re: Worthless node-* package descriptions in ITPs

2017-01-05 Thread Riku Voipio 
On Thu, Jan 05, 2017 at 10:53:36AM +0100, Philip Hands wrote:
> At present you are forcing that vast majority of our users, that have no
> interest in this software, to individually learn that they need to look
> out for the node- prefix, and ignore such packages.

Vast majority of users would only install this via dependencies. It's hardly
a node-specific problem that debian package searches output large amount of
packages that are not useful unless you happen to be a programmer.

The only people installing node libs directly would be node developers,
for whom matching description with upstream project is valuable. If the
description is not useful for developer either ( for example 
"Itty bitty little widdle twinkie pinkie" ), better propose the upstream
project a more concise description, than to carry extra delta in debian.

Riku

Worthless node-* package descriptions in ITPs

2017-01-05 Thread Philip Hands 
Hi Roshan,

Please don't take this personally, you just happen to be the one
touching the most recent remarkably meaninglessly described ITP for a
node-* package -- I could easily have picked on one of the many other
examples.

I've Bcc:ed the bug to ensure that replies about this stay on -devel.

Roshan  writes:

...
> * Package name: node-pinkie
...
> * URL : https://github.com/floatdrop/pinkie
...
>   Description : Itty bitty little widdle twinkie pinkie ES2015 Promise 
> implementation

Can we stop the worthless descriptions in node-* ITPs please?

What meaning is contained in the descriptions, is generally
JavaScript/Node specific jargon that is pretty much meaningless to
anyone else.  This is because it is being lifted directly from the git
repository description, where it is reasonable for the upstream to
expect people to already know something about node, so that's the
audience that is being addressed.  That is not a reasonable assumption
when applied to Debian users in general.

To All Node.js packagers:

  Please proof-read and correct the short descriptions before filing
  ITPs.

  Also please fix the script that is generating these ITPs to add a long
  description that at the very least mentions that this is something to
  do with node.js, and what that means (such that people that are not
  interested in node.js can quickly determine that fact and move on).

At present you are forcing that vast majority of our users, that have no
interest in this software, to individually learn that they need to look
out for the node- prefix, and ignore such packages.

You are also giving the impression that all these packages are sloppily
packaged, which makes one wonder if they are going to have any ongoing
maintenance effort available for them (since it seems that too little
effort was devoted to the initial packaging), which in turn makes one
concerned about whether they are going to be fit for a stable release.

Cheers, Phil.

-- 
|)|  Philip Hands  [+44 (0)20 8530 9560]  HANDS.COM Ltd.
|-|  http://www.hands.com/http://ftp.uk.debian.org/
|(|  Hugo-Klemm-Strasse 34,   21075 Hamburg,GERMANY


signature.asc
Description: PGP signature