Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)
On December 11, 2016 8:50:19 PM EST, Ian Jacksonwrote: >Scott Kitterman writes ("Re: Formal declaration of weak package >ownership in source packages (was: Replace the TC power to depose >maintainers)"): >> These changes will require, at the very least, policy changes. We >> have a process for that. >> >> Unless this thing is somehow opt-in only, be prepared for a GR >overriding it. > >It might be best to do it via a GR anyway. > >> P. S. In case you wonder how maintainerless works, go look at the >dusty corners of the Ubuntu archive. > >I'm not in favour of abolishing amintainership. > >You don't explicitly say so but I get the impression from your mail >that you think what I am suggesting is a bad idea. I've read your >other messages in this thread and they have significantly influenced >my thinking. So perhaps I have misunderstood you. You may not think you are, but I believe that is the net effect. If anyone can unilaterally add themselves as maintainer (to pick one proposal as an example) and make intrusive package changes (since they are a maintainer), there's really no maintainer at all. Being maintainer means having responsibility for a package. If anyone can add themselves as maintainer, then you've turned being maintainer into a position with responsibility, but no authority. That's a recipe for disaster. I confess to a difficulty keeping all the threads straight, so this might not be one of your proposals at all. I do sense a general trend of the conversation towards the idea of undermining package maintainership. Push to hard in that direction and you get revert wars and even larger chunks of the archive left to rot. I think there are plenty of DDs who would find having their ability to control their packages taken away demotivating. I don't see a crowd of new contributors just waiting to not have to deal with a maintainer to get involved in Debian development. Running off or demotivating the people we have isn't a great way to make a better operating system. Scott K
Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)
Scott Kitterman writes ("Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)"): > These changes will require, at the very least, policy changes. We > have a process for that. > > Unless this thing is somehow opt-in only, be prepared for a GR overriding it. It might be best to do it via a GR anyway. > P. S. In case you wonder how maintainerless works, go look at the dusty > corners of the Ubuntu archive. I'm not in favour of abolishing amintainership. You don't explicitly say so but I get the impression from your mail that you think what I am suggesting is a bad idea. I've read your other messages in this thread and they have significantly influenced my thinking. So perhaps I have misunderstood you. Ian. -- Ian JacksonThese opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)
On December 11, 2016 8:25:05 PM EST, Ian Jacksonwrote: >Enrico Zini writes ("Re: Formal declaration of weak package ownership >in source packages (was: Replace the TC power to depose maintainers)"): >> On Tue, Dec 06, 2016 at 03:42:57PM +, Ian Jackson wrote: >> > > It's a lot simpler to keep this metadata outside source package. >> > I endorse this product and/or service. >> >> Here's one way to quickly build a service like this: > >Great, thanks for the technical tips. > >What's needed to make this actually happen ? > >I think the initial proposal is simply to move the metadata currently >in Maintainers and Uploaders into a database which is separate from >the archive. > >I guess the initial UI would mirror the existing "DD authority" >process. > >Who in the project can decide to do this ? I think this is probably >the DPL. > >After that, we will probably want to further develop the UI and the >maintainership accession flow. > >For example, my suggestion of having a "request to join team" button >but allowing any DD to add themselves as a Maintainer of a >solo-maintained package. Presumably there would have to be a way for >the MIA team to mark someone as "maintainer emeritus" (ie, used to be >a maintainer). > >Who would make these UI decisions ? These changes will require, at the very least, policy changes. We have a process for that. Unless this thing is somehow opt-in only, be prepared for a GR overriding it. Scott K P. S. In case you wonder how maintainerless works, go look at the dusty corners of the Ubuntu archive.
Re: Replace the TC power to depose maintainers
Philip Hands writes ("Re: Replace the TC power to depose maintainers"): > Ian Jacksonwrites: > > I still don't understand why the TC is so crushingly slow to conter > > maintainer power in Debian. As I say in my other emails, a result of > > the TC's inaction, maintainer power in Debian is nearly unassailable. > > I wonder which column on your tally sheet you will put this outcome. I think the maintainer saw the writing on the wall, so I count this as a successful intervention by the TC. (I hope the new maintainers will prove me right.) That there wasn't a formal vote is beside the point. > In this particular instance, at least a week of the time spent on this > mess was devoted to dealing with you -- don't do anything like that again. FAOD I value your opinion, and it doesn't make me happy to hear that from you. I've been thinking about this and will think some more. I still (perhaps, even more so) believe we need to have a better way of dealing with these kind of disputes. Regards, Ian. -- Ian Jackson These opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)
Enrico Zini writes ("Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)"): > On Tue, Dec 06, 2016 at 03:42:57PM +, Ian Jackson wrote: > > > It's a lot simpler to keep this metadata outside source package. > > I endorse this product and/or service. > > Here's one way to quickly build a service like this: Great, thanks for the technical tips. What's needed to make this actually happen ? I think the initial proposal is simply to move the metadata currently in Maintainers and Uploaders into a database which is separate from the archive. I guess the initial UI would mirror the existing "DD authority" process. Who in the project can decide to do this ? I think this is probably the DPL. After that, we will probably want to further develop the UI and the maintainership accession flow. For example, my suggestion of having a "request to join team" button but allowing any DD to add themselves as a Maintainer of a solo-maintained package. Presumably there would have to be a way for the MIA team to mark someone as "maintainer emeritus" (ie, used to be a maintainer). Who would make these UI decisions ? Ian. -- Ian JacksonThese opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
Re: Replace the TC power to depose maintainers
Rhonda D'Vine writes ("Re: Replace the TC power to depose maintainers"): > Going towards an abolished maintainership > area it will make it even less likely such needed communication with the > people feeling emotionally attached to the package to happen. This is a very good way of explaining the social reasons for retaining something like maintainership. > It's already at the lower and every now and then that it hurts, I think if one is very stubborn, and doesn't mind undoing other people's work, etc., then maintainership is very strong. If one cares about doing what much the rest of the project says it wants, maintainership is often quite weak. This is not really a good combination. Ideally maintainership would be strong for the maintainer who doesn't like to argue much and who is easy to convince of true things, but weak when used by a stubborn maintainer or one who communicates poorly. I have not much of an idea how to do that, but making _sole_ maintainership weaker is perhaps going in that direction. Ian. -- Ian JacksonThese opinions are my own. If I emailed you from an address @fyvzl.net or @evade.org.uk, that is a private address which bypasses my fierce spamfilter.
Re: Formal declaration of weak package ownership in source packages (was: Replace the TC power to depose maintainers)
On Tue, Dec 06, 2016 at 03:42:57PM +, Ian Jackson wrote: > > It's a lot simpler to keep this metadata outside source package. > I endorse this product and/or service. Here's one way to quickly build a service like this: - Configure the web server to accept Debian's SSO credentials: https://wiki.debian.org/DebianSingleSignOn#Documentation_for_web_application_owners - Set up a Django site using RemoteUserMiddleware, but trusting SSL_CLIENT_S_DN_CN instead of REMOTE_USER: https://docs.djangoproject.com/en/1.10/howto/auth-remote-user/ (see the CustomHeaderMiddleware example) - Create the model and CRUD pages for the extra info you want to maintain about developers, with ForeignKey to django.contrib.auth.get_user_model() - Export your data with django-rest-framework Enrico -- GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zinisignature.asc Description: PGP signature