Re: Re-thinking Debian membership - take #1: inactivity - getting implemented
Stefano Zacchiroli wrote: In the past few days I've been in touch with Christoph Berg as a DAM representative, which has been implementing the inactivity proposal starting from the sample scripts of [1]. Then, DAM also had a first run of the inactivity test (i.e. 2 years without neither an upload nor a vote). Given that it was the first run, instead of directly removing the resulting account, DAM preferred to have a WAT run [2] on the accounts resulting from the inactivity test. The recent set of WAT-related resignations descended from that. I've been told that in the recent future the removal will become automatic de facto replacing WAT runs. DAM will probably post more details separately when that will happen. That's great! Thanks to everyone involved. BTW, I recall some complaints that WaT runs didn't happen often; there over a hundred people in a needs-wat state in the MIA database without action for months. Has this recently changed? Or is it something that will change with the automatic runs that you speak of? Regards, Faidon -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity - status update
On Mon, Aug 03, 2009 at 04:37:54PM +0200, Sandro Tosi wrote:
That is the much more time-consuming than checking DDs. for our fellow
DDs we have several data sources (mls posts, uploads, key usage) to
track them, while we don't have anything similar for non-DDs. So
several manual researches are needed (either on lists.d.o, google, etc
etc).
So, while removing the easiest part (checking DDs) we are left with
the most difficult and time-consuming part.
Sure, but it seems an advantage nevertheless to me: we de facto ease
remove part of the task. Also, I fail to understand how things were
different with WAT runs. The relations of that with MIA seem identical
to me to the relations of the new proposal to MIA.
Ok, so there should be a communication of removed DDs, at least on
-private, so that DDs working on QA at least know it. if you/other
feel it unappropriate, please suggest some other form of
communication or ways to handle this. either in this proposal or at
a later stage.
I consider it totally appropriate. Probably -private would not be
enough though, and also some private QA channel would need to be
triggered. How it was for MIA? I presume we can use the same channel.
ACK. Again, I don't see MIA dying due to this proposal, I only
see it re-focusing his work on non-DD maintainers.
see above: this way our work is reduced in number, to focus on the
most annoying, difficult, quite frustrating and pointless (non-DDs
are not part of the project, in a strict sense (don't get me wrong
here, I know they are valuable contributors, but they can't vote,
blablabla)).
Understood. This proposal is no solution for that and I don't see an
easy one. Still, given the main utility of MIA has always been to
discover unmaintained *packages* by the main of MIA *developers*, I
feel like we still need that. How to improve it is a, recurrent,
totally different topic.
But I also have to be honest and affirm that we receive much less
requests for non-DDs than for DDs.
I don't have _the_ answer for that. What I can do, if you are
interested, is to hand over the list of potentially disabled DDs
to pinpoint your MIA queries at them and avoid/focus MIA
activities elsewhere.
Of course it would be welcome: I'll cross check the current TODO
list marking as 'pending on the proposal to be implemented'
accordingly.
OK. I'll contact you in private for further development on this side
of the issue.
contacted me on IRC. At the end of that
Yes, I contacted you, and I was quite surprised by this sudden
proposal. Probably I should have made clear at that time that a
contact would have been welcome.
My bad then, I could have understood that too. Sorry for the
misunderstanding, I hope things are clear(er) now.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity - status update
On Mon, Aug 03, 2009 at 04:21:37PM +0200, Sandro Tosi wrote:
- what to do about the current (yet unanswered) queries we've
received? should we reply please wait for this to be approved?
should we fulfill? when should we stop operations? (I'm personally not
that motivated to work on something that's dying.)
There is no reason at all to change processing.
While I can see it can be still has its space for non-DDs (but it's
*much* more difficult our work for them) I don't see if it's still
worth have it once this proposal is implemented.
Just my 0.02€ on this. I think it is still totally worth (which is of
course a totally differ topic than saying that the current MIA team
has enough manpower for that). Lucas Nussbaum (Cc-ed) showed me some
interesting numbers about how many packages in the Debian archive are
currently maintained by non-DD-maintainers. They are quite a lot in
fact, and not only due to DM.
With that slices of the archive increasing, the reasons which brought
us to have MIA for DDs apply more and more to non-DD-maintainers.
You seem to misunderstand the proposal AFAICS. The MIA Team would
still be operative for non DDs in general and for DDs in a
proactive way (aka during the inactivity period).
but what is the point in proactively checks DDs if after time
decided by DAM they are removed from the project? we can simply
wait for that time to pass, or am I missing something?
I agree with you on this: I don't see the point in investing MIA
energy in DDs when this proposal will be implemented.
Still, the topic of packages de facto unmaintained by otherwise active
DDs (e.g. people that vote but don't fix/respond to RC bugs) remains a
big one. However, it is a totally orthogonal problem to MIA already.
also note that non-DDs checks are far more difficult to be performed
than for DDs, where we have plenty of data sources to check if
they're active or not. Keeping the infrastructure only of this
hard/rare/less-important (for the project) cases seems overkill to
me.
See above: I don't think it is in any way less important and is likely
to become more and more important in the future.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity - status update
On Mon, Aug 03, 2009 at 07:29:20AM +0200, Luk Claes wrote:
some questions I still see without a clear answer:
ACK on most answers from Luk, some more comments on some of them
below.
- what about non-DDs that are currently tracked in MIA database,
along with DDs?
Nothing changes regarding MIA.
Yes and no. My hope is that the implementation of this proposal would
significantly reduce the workload of MIA, letting that team work only
on non-DD maintainers.
- what will happen to the packages of DDs deactivated by this
proposal?
I consider this totally orthogonal to the proposal per se and hence I,
on purpose, avoided to raise the issue in the thread. See below.
Like with the WAT runs, there will very probably be a feedback to
the MIA Team.
Uhm, I would prefer having feedback from that to QA directly. MIA is
needed to discover missing-in-action people. With the implementation
of this proposal we will know, among DD ranks, who is MIA without
needing to chasing it any more. Hence the notification can, for this
specific case, bypass MIA. But sure, downstream the effects should be
the same as for packages of non-DD maintainers discovered to be MIA.
What to do with such notification is a (not new) topic for -qa, not
-project.
- will the MIA team be dismantled? who's in charge of this? will you
take care of removing all the traces of MIA team from Debian
documentations (like wiki, devref, etc) or from wherever is
referenced? (of course, if we decide to remove it and not archive)
or edit them, where needed?
You are mixing WAT and MIA apparently. The current proposal may replace
the DAM's WAT runs AFAICS, it does *not* affect MIA except from the
feedback generated after deactivation of DDs.
ACK. Again, I don't see MIA dying due to this proposal, I only see
it re-focusing his work on non-DD maintainers.
- what to do about the current (yet unanswered) queries we've
received? should we reply please wait for this to be approved?
should we fulfill? when should we stop operations? (I'm personally not
that motivated to work on something that's dying.)
There is no reason at all to change processing.
Still, the question of what should be done in the interim for DD
maintainers while the proposal actually gets implemented is a good
one. Here we have a trade-off: on one hand you don't want to invest a
lot of time in accounts that will be spotted more easily at the first
run of this proposal; on the other hand, if the proposal gets time to
get implemented (hey, here we're talking, but the burden of putting it
up to speed has been pushed to somebody else!) you don't want to loose
MIA-chasing abilities.
I don't have _the_ answer for that. What I can do, if you are
interested, is to hand over the list of potentially disabled DDs to
pinpoint your MIA queries at them and avoid/focus MIA activities
elsewhere.
discuss with) the MIA team about this proposal (since the team main
activities are under discussion here), either before or after your
made it public.
/me rolls eyeso_O
It is true that I did not contact the MIA team in the first place; I
do apologize for that, but at my defense I stress that I did not see,
as I do not see now, this proposal dismantling MIA. Nevertheless,
after my first message to -project some weeks ago you, as the only
active MIA team member AFAIK, contacted me on IRC. At the end of that
brief chat, my understanding was that we agreed upon seeing how the
proposal was going to be received on -project. I still do not see
which problem this proposal causes to MIA and MIA team.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity - status update
Hi Stefano, On Mon, Aug 3, 2009 at 09:21, Stefano Zacchiroliz...@debian.org wrote: On Mon, Aug 03, 2009 at 07:29:20AM +0200, Luk Claes wrote: some questions I still see without a clear answer: ACK on most answers from Luk, some more comments on some of them below. - what about non-DDs that are currently tracked in MIA database, along with DDs? Nothing changes regarding MIA. Yes and no. My hope is that the implementation of this proposal would significantly reduce the workload of MIA, letting that team work only on non-DD maintainers. That is the much more time-consuming than checking DDs. for our fellow DDs we have several data sources (mls posts, uploads, key usage) to track them, while we don't have anything similar for non-DDs. So several manual researches are needed (either on lists.d.o, google, etc etc). So, while removing the easiest part (checking DDs) we are left with the most difficult and time-consuming part. - what will happen to the packages of DDs deactivated by this proposal? I consider this totally orthogonal to the proposal per se and hence I, on purpose, avoided to raise the issue in the thread. See below. Like with the WAT runs, there will very probably be a feedback to the MIA Team. Uhm, I would prefer having feedback from that to QA directly. MIA is needed to discover missing-in-action people. With the implementation of this proposal we will know, among DD ranks, who is MIA without needing to chasing it any more. Hence the notification can, for this specific case, bypass MIA. But sure, downstream the effects should be the same as for packages of non-DD maintainers discovered to be MIA. What to do with such notification is a (not new) topic for -qa, not -project. Ok, so there should be a communication of removed DDs, at least on -private, so that DDs working on QA at least know it. if you/other feel it unappropriate, please suggest some other form of communication or ways to handle this. either in this proposal or at a later stage. - will the MIA team be dismantled? who's in charge of this? will you take care of removing all the traces of MIA team from Debian documentations (like wiki, devref, etc) or from wherever is referenced? (of course, if we decide to remove it and not archive) or edit them, where needed? You are mixing WAT and MIA apparently. The current proposal may replace the DAM's WAT runs AFAICS, it does *not* affect MIA except from the feedback generated after deactivation of DDs. ACK. Again, I don't see MIA dying due to this proposal, I only see it re-focusing his work on non-DD maintainers. see above: this way our work is reduced in number, to focus on the most annoying, difficult, quite frustrating and pointless (non-DDs are not part of the project, in a strict sense (don't get me wrong here, I know they are valuable contributors, but they can't vote, blablabla)). But I also have to be honest and affirm that we receive much less requests for non-DDs than for DDs. - what to do about the current (yet unanswered) queries we've received? should we reply please wait for this to be approved? should we fulfill? when should we stop operations? (I'm personally not that motivated to work on something that's dying.) There is no reason at all to change processing. Still, the question of what should be done in the interim for DD maintainers while the proposal actually gets implemented is a good one. Here we have a trade-off: on one hand you don't want to invest a lot of time in accounts that will be spotted more easily at the first run of this proposal; on the other hand, if the proposal gets time to get implemented (hey, here we're talking, but the burden of putting it up to speed has been pushed to somebody else!) you don't want to loose MIA-chasing abilities. I don't have _the_ answer for that. What I can do, if you are interested, is to hand over the list of potentially disabled DDs to pinpoint your MIA queries at them and avoid/focus MIA activities elsewhere. Of course it would be welcome: I'll cross check the current TODO list marking as 'pending on the proposal to be implemented' accordingly. discuss with) the MIA team about this proposal (since the team main activities are under discussion here), either before or after your made it public. /me rolls eyeso_O It is true that I did not contact the MIA team in the first place; I do apologize for that, but at my defense I stress that I did not see, as I do not see now, this proposal dismantling MIA. Nevertheless, after my first message to -project some weeks ago you, as the only active MIA team member AFAIK, Well, I might be the most active, not the only one. contacted me on IRC. At the end of that Yes, I contacted you, and I was quite surprised by this sudden proposal. Probably I should have made clear at that time that a contact would have been welcome. brief chat, my understanding was that we agreed upon seeing how
Re: Re-thinking Debian membership - take #1: inactivity - status update
On Sun, Aug 2, 2009 at 11:56, Stefano Zacchiroliz...@debian.org wrote: On Wed, Jul 22, 2009 at 06:03:41PM +0200, Stefano Zacchiroli wrote: This proposal received a lot of interest back then, but in the end went nowhere. I think we should resurrect it and put into use at least some of its parts. In particular, the part about expiration of DD rights received only minor criticisms; criticisms which I've tried to address. Here is a status update. My reading of the discussion which followed the initial proposal is that we have consensus on the general idea; yet, there are small divergences on some details (e.g., 1 year vs 2 year, when/if notifying, ...). some questions I still see without a clear answer: - who will decide the above (and below) details? are they left to the implementors? I believe the proposal should contains some sort of lower limits (what if they decide 1 month of inactivity is enough? ok it's purely hypotetical, but it still applies). - what's your ETA for this proposal to be operative? - what about non-DDs that are currently tracked in MIA database, along with DDs? - what will happen to the packages of DDs deactivated by this proposal? - will the MIA team be dismantled? who's in charge of this? will you take care of removing all the traces of MIA team from Debian documentations (like wiki, devref, etc) or from wherever is referenced? (of course, if we decide to remove it and not archive) or edit them, where needed? - what to do about the current (yet unanswered) queries we've received? should we reply please wait for this to be approved? should we fulfill? when should we stop operations? (I'm personally not that motivated to work on something that's dying.) Since, AFAIR, DAM has not commented in the thread, in the last days I contacted a DAM representative (Joerg Jaspert) in private to seek comments on the idea. The bottom line is that DAM is fine with the proposed changes and is willing to replace (manual) WAT runs [2] with an automatic mechanism like the one we discussed. I also pinged DSA, which reasonably considers this discussion none of its business and will happily implement whatever the project and DAM decide on the matter. I do believe it would have been nice if you contacted (not saying discuss with) the MIA team about this proposal (since the team main activities are under discussion here), either before or after your made it public. According to constitution and delegation, DAM is already fully empowered to implement the proposed changes and also has the freedom to decide upon the details. Hence, I personally don't think we need a vote on this issue. Once ready, DAM can announce the change via the usual channels, possibly referencing the thread at [1] as evidence of discussion of the issue within the project. Of course, if some of us is in utter disagreement with the proposal (or with the forthcoming implementation), she has the usual right to call for a vote on a more specific proposal. Since I'm happy with the current/forthcoming state of affairs, I will not do that. ok, I'm kinda agnostic about it, so I just sit and wait to see what will happen. Regards, -- Sandro Tosi (aka morph, morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity - status update
Sandro Tosi wrote: On Sun, Aug 2, 2009 at 11:56, Stefano Zacchiroliz...@debian.org wrote: On Wed, Jul 22, 2009 at 06:03:41PM +0200, Stefano Zacchiroli wrote: This proposal received a lot of interest back then, but in the end went nowhere. I think we should resurrect it and put into use at least some of its parts. In particular, the part about expiration of DD rights received only minor criticisms; criticisms which I've tried to address. Here is a status update. My reading of the discussion which followed the initial proposal is that we have consensus on the general idea; yet, there are small divergences on some details (e.g., 1 year vs 2 year, when/if notifying, ...). some questions I still see without a clear answer: - who will decide the above (and below) details? are they left to the implementors? I believe the proposal should contains some sort of lower limits (what if they decide 1 month of inactivity is enough? ok it's purely hypotetical, but it still applies). DAM. Well, when DAM would decide too restrictive, one could try to convince them to do otherwise or even overrule them. - what's your ETA for this proposal to be operative? That's up to DAM. - what about non-DDs that are currently tracked in MIA database, along with DDs? Nothing changes regarding MIA. - what will happen to the packages of DDs deactivated by this proposal? Like with the WAT runs, there will very probably be a feedback to the MIA Team. - will the MIA team be dismantled? who's in charge of this? will you take care of removing all the traces of MIA team from Debian documentations (like wiki, devref, etc) or from wherever is referenced? (of course, if we decide to remove it and not archive) or edit them, where needed? You are mixing WAT and MIA apparently. The current proposal may replace the DAM's WAT runs AFAICS, it does *not* affect MIA except from the feedback generated after deactivation of DDs. - what to do about the current (yet unanswered) queries we've received? should we reply please wait for this to be approved? should we fulfill? when should we stop operations? (I'm personally not that motivated to work on something that's dying.) There is no reason at all to change processing. Since, AFAIR, DAM has not commented in the thread, in the last days I contacted a DAM representative (Joerg Jaspert) in private to seek comments on the idea. The bottom line is that DAM is fine with the proposed changes and is willing to replace (manual) WAT runs [2] with an automatic mechanism like the one we discussed. I also pinged DSA, which reasonably considers this discussion none of its business and will happily implement whatever the project and DAM decide on the matter. I do believe it would have been nice if you contacted (not saying discuss with) the MIA team about this proposal (since the team main activities are under discussion here), either before or after your made it public. You seem to misunderstand the proposal AFAICS. The MIA Team would still be operative for non DDs in general and for DDs in a proactive way (aka during the inactivity period). Cheers Luk -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Fri, Jul 24, 2009 at 11:32:54AM +0200, Lionel Elie Mamane wrote: On Thu, Jul 23, 2009 at 02:19:38AM +0200, Lucas Nussbaum wrote: On 23/07/09 at 01:10 +0200, Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 12:57:07AM +0200, Lucas Nussbaum wrote: Inactive maintainers do not make harm by definition. The two are completely orthogonal. Also, I disagree that inactive maintainer do no harm; they do harm if you think they are still feeling responsible for a package while they are not. Sure, I meant that they do not harm the archive since they do not upload packages. Large numbers of them *do* harm the project since they raise the constitution's Q/K, but don't vote / second proposals / ... I don't think we are at the level where this is an actual problem, but it is theoretically possible. While this is true for Q, it is not true for K. K cannot raise beyond 5; and Q has not been a problem, ever. -- The biometric identification system at the gates of the CIA headquarters works because there's a guard with a large gun making sure no one is trying to fool the system. http://www.schneier.com/blog/archives/2009/01/biometrics.html -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Steve Langasek vor...@debian.org wrote: On Wed, Jul 22, 2009 at 06:49:35PM +0200, Stefano Zacchiroli wrote: On Wed, Jul 22, 2009 at 06:23:05PM +0200, Wouter Verhelst wrote: I have nothing against this in principle, but how is this any different from the people who manage the MIA database? The main difference is the automation of the process. MIA, which currently is 1 person, requires manual activity and efforts. If we agree that automatically, if you stop exercising your DD rights, you go away after 2 years, the energy which we currently spend in MIA [1] can be better spend in doing other QA activities. I really don't see the benefit in the added MIA layer. You stop working for Debian for a long period: you go away; the day you'll re-gain interest: you can come back. If it's going to be automated, does it behoove us to also send automated mails to DDs that are getting close to the two-year limit, warning them? Or is it your view that 2 years without activity is so far beyond what's reasonable that there's no reason to give such a warning? Just as a side note: I've been much less active in the last 2 years than I used to be, but I'm still involved in TeX packaging and reading some of -devel and -project, and I feel like a DD. I'm not sure when my last upload was before I did the oldstable uploads for teTeX and TeXLive a couple of weeks ago - and had that not become necessarz at a time where Norbert was VAC, it might have taken a couple of months more until my next upload. I did contribute to the uploaded packages, though, and wouldn't feel like going into emeritus state. Since there are not many DDs (and no DM so far) in the TeX team, I guess the existence of a second DD in the team is of value for the project too. Therfore, I would have appreciated a note about loosing upload rights if the rules discussed here would have already been in place. Regards, Frank -- Dr. Frank Küster Debian Developer (TeXLive) VCD Aschaffenburg-Miltenberg, ADFC Miltenberg B90/Grüne KV Miltenberg -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Stefano Zacchiroli z...@debian.org wrote: On Thu, Jul 23, 2009 at 12:17:19PM +0200, Steve Langasek wrote: I think that the time framework is large enough not to have a warning. One of the reasons I think it would be useful to have warnings is that there are other ways in which DDs may be constantly contributing (e.g., contributing regularly to a package VCS), without *realizing* that they haven't done an upload in x years; so perhaps they haven't needed to do any uploads in that time, but aren't idle and shouldn't be idled out without warning. Well, I've no strong objection on that. Still, I'd prefer not to have to write such specific details on the text we are going to vote on. I propose to leave such details to DAM / DSA, would you be fine with that? Agreed, Frank -- Dr. Frank Küster Debian Developer (TeXLive) VCD Aschaffenburg-Miltenberg, ADFC Miltenberg B90/Grüne KV Miltenberg -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Sun, Jul 26, 2009 at 01:38:04AM +0200, Bernd Zeimetz wrote: Steve Langasek wrote: The infrastructure is essential for our distribution, same for documentations an translations. I can't see a reason why such people should not be able to become DDs. Because it implies a professional priest caste separate from the developers who will inevitably drift away and lose the perspective needed to understand the concerns of people actually working on the distro? No, because a lot of infrastructure stuff takes so much time that it is almost not possible to maintain packages probably anymore. Remember, people have a real life, too. I think this could be said equally as accurately that people who work on the infrastructure put all their time into it to the exclusion of package work - yielding the opposite conclusion to yours. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Fri, Jul 24, 2009 at 05:34:19PM +0200, Bernd Zeimetz wrote: Steve Langasek wrote: On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote: But I know that there are/will be DDs which do infrastructure stuff only, and rarely upload packages. Such DDs should never be regarded as MIA, of course. I am not convinced of this. Infrastructure contributions are necessary and valuable, but we don't admit people as Debian Developers on the basis of infrastructure contributions, nor to work on infrastructure; they become developers to work on the distribution. The infrastructure is essential for our distribution, same for documentations an translations. I can't see a reason why such people should not be able to become DDs. Because it implies a professional priest caste separate from the developers who will inevitably drift away and lose the perspective needed to understand the concerns of people actually working on the distro? Because people who are trusted with this critical infrastructure earn that trust by being developers first, not by coming in as unknown outsiders and volunteering to be given control over infrastructure tasks? -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Steve Langasek wrote: The infrastructure is essential for our distribution, same for documentations an translations. I can't see a reason why such people should not be able to become DDs. Because it implies a professional priest caste separate from the developers who will inevitably drift away and lose the perspective needed to understand the concerns of people actually working on the distro? No, because a lot of infrastructure stuff takes so much time that it is almost not possible to maintain packages probably anymore. Remember, people have a real life, too. Because people who are trusted with this critical infrastructure earn that trust by being developers first, not by coming in as unknown outsiders and volunteering to be given control over infrastructure tasks? See above. Also: There're a lot of teams where outsiders can help and earn trust witout being able to break things. -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Bernd Zeimetz be...@bzed.de (26/07/2009): See above. Also: There're a lot of teams where outsiders can help and earn trust without being able to break things. Do you mean people like Simon Paillard? With contributions in l10n, i18n, www, and mirror domains? If you didn't, I (at the very least) do. Mraw, KiBi. signature.asc Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
Cyril Brulebois wrote: Bernd Zeimetz be...@bzed.de (26/07/2009): See above. Also: There're a lot of teams where outsiders can help and earn trust without being able to break things. Do you mean people like Simon Paillard? With contributions in l10n, i18n, www, and mirror domains? Yes. -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Fri, Jul 24 2009, Kevin Mark wrote: If someone goes through the arduious process of becomeing a DD: proving their knowledge of: a. FLOSS ideals, b. Debian ideals, c. FLOSS legal ideas, d. computer languages, e. social skills f. and patience to wait for various approvals, account creation, g. getting packages though NEW and h. making uploads that dont damage users systems. And then assuming they go MIA, get their account deactivated and then reapply for DD status. What are they expected to show to be readmitted? I dont assume that they lost any of those skills in a-h. Packaging for Debian is not a static knowledge base; policies and practices change, and there are changes in infrastructure. If you have been away for a few years, you migh well be out of touch, and it is not unreasonable for the project to ask them to demonstrate that they retain the requisite skills. Also, computer language skills do degrade with lack of practice; I am far less fluent in languages I have not used for a few years than when I was using them actively. Is it a show of re-commitmant needed? I think so. manoj ps: You have a huge sig, in the good old days nettiquette limited sigs to less than 4 lines. -- Overdrawn? But I still have checks left! Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote: But I know that there are/will be DDs which do infrastructure stuff only, and rarely upload packages. Such DDs should never be regarded as MIA, of course. I am not convinced of this. Infrastructure contributions are necessary and valuable, but we don't admit people as Debian Developers on the basis of infrastructure contributions, nor to work on infrastructure; they become developers to work on the distribution. I don't think the requirements for continued developership should be so different from the requirements for initial NM acceptance. In particular, I'm concerned about the prospect of developers in such a circumstance coming to view themselves as infrastructure people, and not as package maintainers, which I think would have a negative impact on the relationship of DDs as peers. I would draw a distinction here between infrastructure vs. documentation and translation, btw, in that in the latter cases, the question of trying to integrate these contributors into the NM process has been brought up numerous times, and I've never heard anyone argue that non-DD contributors to infrastructure should be recognized for their work by being made full DDs. I think all the arguments against doing that (and I can think of a number of them, perhaps you can think of others) are also arguments against people remaining DDs when they only do infrastructure. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote:
Should activity in teams be enough reason to be regarded as an active DD?
Yes.
On Thu, Jul 23, 2009 at 10:35:00PM -0500, Manoj Srivastava wrote:
Also people who do translations. Perhaps we can institute other
sensors/probes that can track such activity? (Committing to a VCS could
send off a email to a bot recording who did the commit, for example).
This can detect any activity by a person on a team VCS site, for
instance.
This is the kind of things I intended (and still intend) to avoid in
the proposal. DD rights let you do things you couldn't do without
them, mainly two: vote and do uploads [1]. I think we should measure
them as a basis for being active, you can continue doing the other
tasks also without DD rights.
As a matter of fact, I'm quite sure that the case of active DDs, doing
commits and stuff, and not doing neither an upload or a vote in 2
years is basically unexistent. If there is a strong sentiment that
this is not the case, we can cross the MIA database with my draft
inactivity data to verify that.
Cheers.
[1] there are some other, such as accessing project machine, but given
what we are supposed to do---creating a package based operating
system in a democratic project---voting and uploading is what
characterizes most DD role (IMO of course)
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On Fri Jul 24 08:43, Steve Langasek wrote: I am not convinced of this. Infrastructure contributions are necessary and valuable, but we don't admit people as Debian Developers on the basis of infrastructure contributions, nor to work on infrastructure; They may need (depending what it is they do) Debian machine access, which is typically restricted to DDs (although I don't know whether specific exceptions are made). In any case, I really don't see a problem with people who want to remain DDs doing so, regardless of what they actually do. The people who don't really want to, but also don't get round to resigning, are the problem. In that case, providing an address people can pin with signed mail as an alternative to package uploads will allow us to catch the (hopefully small) segment who neither upload nor vote. What I could see as reasonable, is restricting specifically upload rights of people who don't use them. This would tie in with the finer-grained membership I have on a couple of occasions proposed. I don't think that we should stop them being DDs, however, and I do think the bar should be low for getting them back. Matt -- Matthew Johnson signature.asc Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 02:19:38AM +0200, Lucas Nussbaum wrote: On 23/07/09 at 01:10 +0200, Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 12:57:07AM +0200, Lucas Nussbaum wrote: Inactive maintainers do not make harm by definition. The two are completely orthogonal. Also, I disagree that inactive maintainer do no harm; they do harm if you think they are still feeling responsible for a package while they are not. Sure, I meant that they do not harm the archive since they do not upload packages. Large numbers of them *do* harm the project since they raise the constitution's Q/K, but don't vote / second proposals / ... I don't think we are at the level where this is an actual problem, but it is theoretically possible. -- Lionel -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Fri, Jul 24 2009, Matthew Johnson wrote: On Fri Jul 24 08:43, Steve Langasek wrote: I am not convinced of this. Infrastructure contributions are necessary and valuable, but we don't admit people as Debian Developers on the basis of infrastructure contributions, nor to work on infrastructure; They may need (depending what it is they do) Debian machine access, which is typically restricted to DDs (although I don't know whether specific exceptions are made). Then that is also easily measured. We can easily log access to restricted developer machines, and add that tot he mettric. manoj -- Don't tell me what you dreamed last night for I've been reading Freud. Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Fri, Jul 24 2009, Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote: Should activity in teams be enough reason to be regarded as an active DD? Yes. On Thu, Jul 23, 2009 at 10:35:00PM -0500, Manoj Srivastava wrote: Also people who do translations. Perhaps we can institute other sensors/probes that can track such activity? (Committing to a VCS could send off a email to a bot recording who did the commit, for example). This can detect any activity by a person on a team VCS site, for instance. This is the kind of things I intended (and still intend) to avoid in the proposal. DD rights let you do things you couldn't do without them, mainly two: vote and do uploads [1]. I think we should measure them as a basis for being active, you can continue doing the other tasks also without DD rights. Fair enough. One can also add logging in to restricted machines to this (need to be a DD to do that), but not if we take into account Steve Langaseck's argument that purely infrastructure activities should not serve as a basis for non-MIA. manoj -- Do not think by infection, catching an opinion like a cold. Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote: Should activity in teams be enough reason to be regarded as an active DD? Yes. On Thu, Jul 23, 2009 at 10:35:00PM -0500, Manoj Srivastava wrote: Also people who do translations. Perhaps we can institute other sensors/probes that can track such activity? (Committing to a VCS could send off a email to a bot recording who did the commit, for example). This can detect any activity by a person on a team VCS site, for instance. This is the kind of things I intended (and still intend) to avoid in the proposal. DD rights let you do things you couldn't do without them, mainly two: vote and do uploads [1]. I think we should measure them as a basis for being active, you can continue doing the other tasks also without DD rights. As a matter of fact, I'm quite sure that the case of active DDs, doing commits and stuff, and not doing neither an upload or a vote in 2 years is basically unexistent. If there is a strong sentiment that this is not the case, we can cross the MIA database with my draft inactivity data to verify that. DPL election are in the same period of years. IMHO we should relax the requirements to some signed activity. Votes and uploads are signed, but also a signed reply to a MIA reminder should be enough, so we don't force unneeded uploads. (yes, your proposal includes nothing about upload quality: this is also very difficult to rule). I worry that your proposal will create some difficult to non uploaders DD (in case we will finally fully admit to the project). ciao cate -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Manoj Srivastava wrote: Setting up a bot should not be too much work, once we set out the format of the structured email received. And an archive of the mail, perhaps sorted by the human it is attributed to, can help a human auditing the system. Just use the code and from CIA.vc. -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Steve Langasek wrote: On Thu, Jul 23, 2009 at 11:52:11PM +0200, Bernd Zeimetz wrote: But I know that there are/will be DDs which do infrastructure stuff only, and rarely upload packages. Such DDs should never be regarded as MIA, of course. I am not convinced of this. Infrastructure contributions are necessary and valuable, but we don't admit people as Debian Developers on the basis of infrastructure contributions, nor to work on infrastructure; they become developers to work on the distribution. The infrastructure is essential for our distribution, same for documentations an translations. I can't see a reason why such people should not be able to become DDs. -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Manoj Srivastava wrote: On Fri, Jul 24 2009, Kevin Mark wrote: If someone goes through the arduious process of becomeing a DD: proving their knowledge of: a. FLOSS ideals, b. Debian ideals, c. FLOSS legal ideas, d. computer languages, e. social skills f. and patience to wait for various approvals, account creation, g. getting packages though NEW and h. making uploads that dont damage users systems. And then assuming they go MIA, get their account deactivated and then reapply for DD status. What are they expected to show to be readmitted? I dont assume that they lost any of those skills in a-h. Packaging for Debian is not a static knowledge base; policies and practices change, and there are changes in infrastructure. If you have been away for a few years, you migh well be out of touch, and it is not unreasonable for the project to ask them to demonstrate that they retain the requisite skills. Also, computer language skills do degrade with lack of practice; I am far less fluent in languages I have not used for a few years than when I was using them actively. and the checks changes. We are now stricter on licenses and on social skills. My NM checks (in 2000) were a lot easier as today, but older developers has a lot less checks. ciao cate -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22, 2009 at 06:49:35PM +0200, Stefano Zacchiroli wrote: On Wed, Jul 22, 2009 at 06:23:05PM +0200, Wouter Verhelst wrote: I have nothing against this in principle, but how is this any different from the people who manage the MIA database? The main difference is the automation of the process. MIA, which currently is 1 person, requires manual activity and efforts. If we agree that automatically, if you stop exercising your DD rights, you go away after 2 years, the energy which we currently spend in MIA [1] can be better spend in doing other QA activities. I really don't see the benefit in the added MIA layer. You stop working for Debian for a long period: you go away; the day you'll re-gain interest: you can come back. If it's going to be automated, does it behoove us to also send automated mails to DDs that are getting close to the two-year limit, warning them? Or is it your view that 2 years without activity is so far beyond what's reasonable that there's no reason to give such a warning? You also seem to be suggesting that returning to Debian after being auto-MIAed should be a trivial process (the day you'll re-gain interest, you can come back). That's a departure from our current process, which requires those who go MIA to re-submit themselves to the NM process. If it *is* your position that MIAed developers should have an easier time getting back into the project, à la emeritus status, can you explain why? For my part, I strongly disagree with such an idea, which is one reason I think warning: your account will be disabled next month type mails would be beneficial, so that there's less pressure on us to give MIA developers a pass when it comes to getting back in. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 02:19:38AM +0200, Lucas Nussbaum wrote:
I'm not sure if this is the correct approach to that problem: It
doesn't take in account maintainers that are not DDs, and that can
also become MIA. But it could be used in addition to other
approaches.
Fair enough, that's actually a good argument for not getting rid of
the current MIA process, but rather keep on using it for non DD
maintainers. Still, as you observe, it doesn't seem to be against this
precise proposal. .oO( it also made me wonder that the proposal should
probably be extended to DMs, of course only counting uploads cause
they currently have no voting rights )
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 05:38:58AM +0200, Steve Langasek wrote:
If it's going to be automated, does it behoove us to also send
automated mails to DDs that are getting close to the two-year limit,
warning them? Or is it your view that 2 years without activity is
so far beyond what's reasonable that there's no reason to give such
a warning?
I think that the time framework is large enough not to have a
warning. However, unless there is a strong demand to clarify this
details, I believe that they should be left to DAM. We resolve about
the principle: to be in this project you need to be active and that
you stop being in the project if you stay inactive for too long.
You also seem to be suggesting that returning to Debian after being
auto-MIAed should be a trivial process (the day you'll re-gain
interest, you can come back). That's a departure from our current
process, which requires those who go MIA to re-submit themselves to
the NM process. If it *is* your position that MIAed developers
should have an easier time getting back into the project
Right, that's an important point, thanks for asking. I don't think
that coming back after a long period of inactivity without a word
should be too easy. Actually, that's why the proposal explicitly avoid
using the emeritus status, which is our easy way to come back.
If you are inactive and don't care to let the project know about that
for too long, your account should be disabled (maybe keeping @d.o for
a while). From there, in my opinion, you can either appeal to DAM to
become emeritus, or you will start from scratch as in the MIA process.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
Stefano Zacchiroli wrote: * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any ^Inactivity probably. upload (in the past 2 years). Just for comparison, the developer's reference also has a definition of expected activity when it comes to RC bugs: If, for any reason, you aren't able fix an RC bug in a package of yours within 2 weeks, you should either ask for help by sending a mail to the Quality Assurance (QA) group debian...@lists.debian.org, or explain your difficulties and present a plan to fix them by sending a mail to the bug report. Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Stefano Zacchiroli wrote: * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). My opinion in two short comments: - reduce the time to 1 year - uploads won't work for all DDs (some are active in teams only, some do documentation/... stuff only), a better way to measure activity is necessary here probably. But voting is a good thing to look at, definitely. -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22, 2009 at 06:03:41PM +0200, Stefano Zacchiroli wrote: * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). I'm looking for comments on this proposal. If there is interest, I of course volunteer to draft the GR text. I agree with the proposal, and I can help in writing the draft. Cheers -- Enrico Tassi -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On 23/07/09 at 10:52 +0200, Bernd Zeimetz wrote: Stefano Zacchiroli wrote: * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). My opinion in two short comments: - reduce the time to 1 year - uploads won't work for all DDs (some are active in teams only, some do documentation/... stuff only), a better way to measure activity is necessary here probably. But voting is a good thing to look at, definitely. If a warning is sent one month before, looking at uploads is likely to be good enough. Let's not build something super-complex for some corner cases that can easily be dealt with by human intervention. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Lucas Nussbaum wrote: On 23/07/09 at 10:52 +0200, Bernd Zeimetz wrote: Stefano Zacchiroli wrote: * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). My opinion in two short comments: - reduce the time to 1 year - uploads won't work for all DDs (some are active in teams only, some do documentation/... stuff only), a better way to measure activity is necessary here probably. But voting is a good thing to look at, definitely. If a warning is sent one month before, looking at uploads is likely to be good enough. Let's not build something super-complex for some corner cases that can easily be dealt with by human intervention. You're still forgetting the DDs which don't have packages at all. They can't just do an upload.. We'd have to track them manually - but that's ot a bug problem, and in the best case it just doesn't exist as they voted..:) -- Bernd Zeimetz Debian GNU/Linux Developer GPG Fingerprints: 06C8 C9A2 EAAD E37E 5B2C BE93 067A AD04 C93B FF79 ECA1 E3F2 8E11 2432 D485 DD95 EB36 171A 6FF9 435F -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 10:52:20AM +0200, Bernd Zeimetz wrote: My opinion in two short comments: - reduce the time to 1 year This introduces the possibility that, even if the DD votes in every election and uploads their packages once per release cycle, they'll be MIAed out of Debian - if one year the DPL vote is a little early, and the next year it's a little late, and there are no GRs during the intervening year, then a year passes in between votes. I think if we're going to expire DDs out in the described fashion, 2 years is the minimum threshold we should use. - uploads won't work for all DDs (some are active in teams only, some do documentation/... stuff only), a better way to measure activity is necessary here probably. But voting is a good thing to look at, definitely. Should activity in teams be enough reason to be regarded as an active DD? (Are you referring here to package teams, or infrastructure teams?) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 10:26:45AM +0200, Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 05:38:58AM +0200, Steve Langasek wrote: If it's going to be automated, does it behoove us to also send automated mails to DDs that are getting close to the two-year limit, warning them? Or is it your view that 2 years without activity is so far beyond what's reasonable that there's no reason to give such a warning? I think that the time framework is large enough not to have a warning. One of the reasons I think it would be useful to have warnings is that there are other ways in which DDs may be constantly contributing (e.g., contributing regularly to a package VCS), without *realizing* that they haven't done an upload in x years; so perhaps they haven't needed to do any uploads in that time, but aren't idle and shouldn't be idled out without warning. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Hi, On Thu, Jul 23, 2009 at 12:56:00PM +0200, Steve Langasek wrote: On Thu, Jul 23, 2009 at 10:52:20AM +0200, Bernd Zeimetz wrote: My opinion in two short comments: - reduce the time to 1 year This introduces the possibility that, even if the DD votes in every election and uploads their packages once per release cycle, they'll be MIAed out of Debian - if one year the DPL vote is a little early, and the next year it's a little late, and there are no GRs during the intervening year, then a year passes in between votes. I'm not sure, how much efforts this would take, but it should be possible to couple the expire-check with a check if a vote took place during the year of inactivity and if yes, go on with removing, otherwise send a warning (to whoever we consider responsible for this) and do nothing. I think if we're going to expire DDs out in the described fashion, 2 years is the minimum threshold we should use. Why? I think there are not _really_ technical reasons speaking against 1y and its also a reasonable long time frame. If people actually are doing nothing for 2 years (!) it hurts the project quiet hard (in fact its already hard if certain pieces in the project are un-maintained for a year.. so..) - uploads won't work for all DDs (some are active in teams only, some do documentation/... stuff only), a better way to measure activity is necessary here probably. But voting is a good thing to look at, definitely. Should activity in teams be enough reason to be regarded as an active DD? (Are you referring here to package teams, or infrastructure teams?) Yes. Beeing a DD does not require beeing a Packager, nor does it require to be an Uploader. If the person in question contributes to Debian, for example by committing to the python modules team and this in a regular manner it should be okay for him to stay a DD. However with a (n package uploads||n votes)/year logic there is a problem remaining: What to do with people who are not contributing to Debian, but exercising their voting rights? Best Regards, Patrick -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 12:17:19PM +0200, Steve Langasek wrote:
I think that the time framework is large enough not to have a
warning.
One of the reasons I think it would be useful to have warnings is
that there are other ways in which DDs may be constantly
contributing (e.g., contributing regularly to a package VCS),
without *realizing* that they haven't done an upload in x years; so
perhaps they haven't needed to do any uploads in that time, but
aren't idle and shouldn't be idled out without warning.
Well, I've no strong objection on that.
Still, I'd prefer not to have to write such specific details on the
text we are going to vote on. I propose to leave such details to DAM /
DSA, would you be fine with that?
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 04:12:24PM +0200, Stefano Zacchiroli wrote: Still, I'd prefer not to have to write such specific details on the text we are going to vote on. I propose to leave such details to DAM / DSA, would you be fine with that? I don't think it's worth voting on anything so vague that it doesn't address these points. The DAM already have clear authority to implement this if they want to. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ slanga...@ubuntu.com vor...@debian.org -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 04:34:34PM +0200, Steve Langasek wrote:
On Thu, Jul 23, 2009 at 04:12:24PM +0200, Stefano Zacchiroli wrote:
Still, I'd prefer not to have to write such specific details on the
text we are going to vote on. I propose to leave such details to DAM /
DSA, would you be fine with that?
I don't think it's worth voting on anything so vague that it doesn't address
these points. The DAM already have clear authority to implement this if
they want to.
The specific detail was mail notification 1 month before
deactivation, do you really think that such a detail makes the
difference about the vagueness of the vote? I personally don't think
so.
The other important detail raised in the thread is exactly which
rights get lost, and I'm totally fine about making that clear, I've
asked for help on DSA on how to formulate it properly.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22 2009, Charles Plessy wrote: Personnaly, I would not mind a more stringent mechanism, for instance defining activity as changing one’s LDAP password once per year. Or if we want to be fancy, we could count time not in years but in releases. Releases are the greatest events of our Project, and there would be some sense to ask the developers if they want to do one more or retire after each time we harverst the fruits of our hard work. For the debian-med Alioth project, I proposed to make a post-release general ping but I am late to start it. If there is interest, I can report how it was perceived by the members after I finish it. his is silly. It is one thing to track activities that a DD is expected to perform in the normal course of being a DD, and performing which needs one to be a DD, and quite another to create bureaucratic busy work so someone can check off a mark. That goes for unsolicited pings to active developers as well. Now, if there is active work going on that does not reflect itself in uploads, then I can see using a signde/encrypted email to a role address every couple of years or so could be a work around to the auto MIA process. manoj -- Once the erosion of power begins, it has a momentum all its own. Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22 2009, Steve Langasek wrote: If it's going to be automated, does it behoove us to also send automated mails to DDs that are getting close to the two-year limit, warning them? Or is it your view that 2 years without activity is so far beyond what's reasonable that there's no reason to give such a warning? I would say the latter holds. And I also agree that MIA != emeritus manoj this could be interesting, going through NM again -- I'm a mean green mother from outer space Audrey II, The Little Shop of Horrors Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23 2009, Bernd Zeimetz wrote: Steve Langasek wrote: (Are you referring here to package teams, or infrastructure teams?) I doubt that packaging teams are a problem here, I'd imagine that every DD uploads a package one a year anyway. But I know that there are/will be DDs which do infrastructure stuff only, and rarely upload packages. Such DDs should never be regarded as MIA, of course. Also people who do translations. Perhaps we can institute other sensors/probes that can track such activity? (Committing to a VCS could send off a email to a bot recording who did the commit, for example). This can detect any activity by a person on a team VCS site, for instance. Setting up a bot should not be too much work, once we set out the format of the structured email received. And an archive of the mail, perhaps sorted by the human it is attributed to, can help a human auditing the system. manoj -- Life is a yo-yo, and mankind ties knots in the string. Manoj Srivastava sriva...@debian.org http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 05:38:58AM +0200, Steve Langasek wrote: On Wed, Jul 22, 2009 at 06:49:35PM +0200, Stefano Zacchiroli wrote: On Wed, Jul 22, 2009 at 06:23:05PM +0200, Wouter Verhelst wrote: I have nothing against this in principle, but how is this any different from the people who manage the MIA database? The main difference is the automation of the process. MIA, which currently is 1 person, requires manual activity and efforts. If we agree that automatically, if you stop exercising your DD rights, you go away after 2 years, the energy which we currently spend in MIA [1] can be better spend in doing other QA activities. I really don't see the benefit in the added MIA layer. You stop working for Debian for a long period: you go away; the day you'll re-gain interest: you can come back. If it's going to be automated, does it behoove us to also send automated mails to DDs that are getting close to the two-year limit, warning them? Or is it your view that 2 years without activity is so far beyond what's reasonable that there's no reason to give such a warning? You also seem to be suggesting that returning to Debian after being auto-MIAed should be a trivial process (the day you'll re-gain interest, you can come back). That's a departure from our current process, which requires those who go MIA to re-submit themselves to the NM process. If it *is* your position that MIAed developers should have an easier time getting back into the project, à la emeritus status, can you explain why? For my part, I strongly disagree with such an idea, which is one reason I think warning: your account will be disabled next month type mails would be beneficial, so that there's less pressure on us to give MIA developers a pass when it comes to getting back in. If someone goes through the arduious process of becomeing a DD: proving their knowledge of: a. FLOSS ideals, b. Debian ideals, c. FLOSS legal ideas, d. computer languages, e. social skills f. and patience to wait for various approvals, account creation, g. getting packages though NEW and h. making uploads that dont damage users systems. And then assuming they go MIA, get their account deactivated and then reapply for DD status. What are they expected to show to be readmitted? I dont assume that they lost any of those skills in a-h. Is it a show of re-commitmant needed? have sponcored uploads to recheck their attention to detail? ask them to start out as a DM for a probation period to limit their voting rights? -K -- | .''`. == Debian GNU/Linux == | my web site: | | : :' : The Universal |mysite.verizon.net/kevin.mark/| | `. `' Operating System| go to counter.li.org and | | `-http://www.debian.org/ |be counted! #238656 | | my keyserver: subkeys.pgp.net | my NPO: cfsg.org | |join the new debian-community.org to help Debian! | |___ Unless I ask to be CCd, assume I am subscribed ___| -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22, 2009 at 06:03:41PM +0200, Stefano Zacchiroli wrote: [ The original post I'm replying to is at http://lists.debian.org/debian-project/2008/10/msg00145.html ] On Fri, Oct 24, 2008 at 11:44:03AM +0300, Lars Wirzenius wrote: I do not like the way Joerg wants to change the way people become and are members of the Debian project. It's not all bad, but on the whole it makes some of the worst parts of Debian become worse. It concentrates power into fewer hands, removes some of the benefits of the Debian Maintainer process, adds more hoops to jump through, and makes the whole question of what it means to be a member of Debian massively complicated. I think we should go in the opposite direction: massively simplify the whole membership thing. This proposal received a lot of interest back then, but in the end went nowhere. I think we should resurrect it and put into use at least some of its parts. In particular, the part about expiration of DD rights received only minor criticisms; criticisms which I've tried to address. The essence of the proposal I'm advancing follows; if there is interest, it should then be converted into a GR text and voted upon. * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). I have nothing against this in principle, but how is this any different from the people who manage the MIA database? -- The biometric identification system at the gates of the CIA headquarters works because there's a guard with a large gun making sure no one is trying to fool the system. http://www.schneier.com/blog/archives/2009/01/biometrics.html -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wednesday 22 July 2009, Stefano Zacchiroli wrote: --- * DDs which are not active for 2 years or more automatically loose vote and upload rights. s/loose/lose/ I guess in practice that means: have their key removed from the keyring, plus probably some status change in ldap? What about access to project machines (e.g. people.d.o)? I'd like to see the consequences spelled out in the proposal. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). I find it somewhat strange that these criteria used are so much looser than those used in the WaT runs (except that the has a package in the archive test will exclude a lot of inactive DDs from Wat): http://lists.debian.org/debian-devel-announce/2007/07/msg4.html --- Cheers, FJP -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Wed, Jul 22, 2009 at 06:44:42PM +0200, Frans Pop wrote:
On Wednesday 22 July 2009, Stefano Zacchiroli wrote:
* DDs which are not active for 2 years or more automatically loose
vote and upload rights.
s/loose/lose/
Thanks, bad typo.
I guess in practice that means: have their key removed from the
keyring, plus probably some status change in ldap? What about access
to project machines (e.g. people.d.o)?
I'd like to see the consequences spelled out in the proposal.
Right. I put only the two typical DD rights in the proposal as the
rights you will lose. For sure, technically it would be a bit more,
like loosing access to project machines. However, I don't think it
would be beneficial to spell out in the actual text all
technicalities; maybe DSA can come up with an appropriate wording
which essentially corresponds to not being able to exercise DD
rights anymore? (Cc-ing the team address)
Things like @debian.org address should probably stay for a while, but
I would be happier to leave those details to DSA and hence outside the
actual text proposal.
I find it somewhat strange that these criteria used are so much
looser than those used in the WaT runs (except that the has a
package in the archive test will exclude a lot of inactive DDs from
Wat):
http://lists.debian.org/debian-devel-announce/2007/07/msg4.html
FWIW, I'd be fine even with 1 year period, and I've tested how the
numbers will change: the accounts that will get disabled would be
about 240. The rationale behind that the 2 years proposal was that
you'll get a chance to vote in at least 2 different DPL elections, but
it's fine with me either way.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On 22/07/09 at 18:49 +0200, Stefano Zacchiroli wrote: On Wed, Jul 22, 2009 at 06:23:05PM +0200, Wouter Verhelst wrote: I have nothing against this in principle, but how is this any different from the people who manage the MIA database? The main difference is the automation of the process. MIA, which currently is 1 person, requires manual activity and efforts. If we agree that automatically, if you stop exercising your DD rights, you go away after 2 years, the energy which we currently spend in MIA [1] can be better spend in doing other QA activities. I really don't see the benefit in the added MIA layer. You stop working for Debian for a long period: you go away; the day you'll re-gain interest: you can come back. MIA is also about detecting packages that are de-facto orphaned, not just about developers. Actually, I think that it's more important that we work on detecting packages that are badly maintained, rather than on detecting inactive maintainers. Inactive maintainers do not make harm by definition. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
On Thu, Jul 23, 2009 at 12:57:07AM +0200, Lucas Nussbaum wrote:
MIA is also about detecting packages that are de-facto orphaned, not
just about developers. Actually, I think that it's more important
that we work on detecting packages that are badly maintained, rather
than on detecting inactive maintainers. Inactive maintainers do not
make harm by definition.
The two are completely orthogonal. Also, I disagree that inactive
maintainer do no harm; they do harm if you think they are still
feeling responsible for a package while they are not. That's why we
had MIA in the first place. (Beside the obvious security risks of
having their accounts around ..., which was the reason to propose
stuff like WAT in the first place.)
Additionally, I think that automatic detection of inactive DDs can
*help* QA: for instance, the removal of such account can trigger a
notification to the QA team which can then directly proceed to orphan
all packages of the just deactivated account. That's another topic not
related to the proposal, but IMO shows that the two practices are not
at stake with each other.
Cheers.
--
Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..| . |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...| ..: | Je dis tu à tous ceux que j'aime
signature.asc
Description: Digital signature
Re: Re-thinking Debian membership - take #1: inactivity
On 23/07/09 at 01:10 +0200, Stefano Zacchiroli wrote: On Thu, Jul 23, 2009 at 12:57:07AM +0200, Lucas Nussbaum wrote: MIA is also about detecting packages that are de-facto orphaned, not just about developers. Actually, I think that it's more important that we work on detecting packages that are badly maintained, rather than on detecting inactive maintainers. Inactive maintainers do not make harm by definition. The two are completely orthogonal. Also, I disagree that inactive maintainer do no harm; they do harm if you think they are still feeling responsible for a package while they are not. That's why we had MIA in the first place. (Beside the obvious security risks of having their accounts around ..., which was the reason to propose stuff like WAT in the first place.) Sure, I meant that they do not harm the archive since they do not upload packages. Additionally, I think that automatic detection of inactive DDs can *help* QA: for instance, the removal of such account can trigger a notification to the QA team which can then directly proceed to orphan all packages of the just deactivated account. That's another topic not related to the proposal, but IMO shows that the two practices are not at stake with each other. I'm not sure if this is the correct approach to that problem: It doesn't take in account maintainers that are not DDs, and that can also become MIA. But it could be used in addition to other approaches. -- | Lucas Nussbaum | lu...@lucas-nussbaum.net http://www.lucas-nussbaum.net/ | | jabber: lu...@nussbaum.fr GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership - take #1: inactivity
Le Wed, Jul 22, 2009 at 06:03:41PM +0200, Stefano Zacchiroli a écrit : * DDs which are not active for 2 years or more automatically loose vote and upload rights. * Activity is defined as not having neither voted nor signed any upload (in the past 2 years). Hi Stefano, this is a proposal that I hope can reach a broad consensus. I think that it is important to have a member list that does not drift too far from reality, and the current number of DDs is not anymore a reliable indicator of Debian’s vitality. Personnaly, I would not mind a more stringent mechanism, for instance defining activity as changing one’s LDAP password once per year. Or if we want to be fancy, we could count time not in years but in releases. Releases are the greatest events of our Project, and there would be some sense to ask the developers if they want to do one more or retire after each time we harverst the fruits of our hard work. For the debian-med Alioth project, I proposed to make a post-release general ping but I am late to start it. If there is interest, I can report how it was perceived by the members after I finish it. But priority to consensus. I would already be happy to see your proposal accepted as is. Have a nice day, -- Charles Plessy Tsurumi, Kanagawa, Japan -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership
On Thu, Dec 11, 2008 at 22:46:32 +0100, Lionel Elie Mamane wrote: What the proposals says is that any two out of the (currently) thousand can block all entrants. This is scary to me. And if they do that, the rest of us can get them to stop (be it by peer pressure or removal from the project if it comes to that). Cheers, Julien -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 11:44:03AM +0300, Lars Wirzenius wrote: I do not like the way Joerg wants to change the way people become and are members of the Debian project. (...) I think we should go in the opposite direction: massively simplify the whole membership thing. I am naturally quite inclined to like the kind of scheme you propose, but I don't think it scales to the size Debian has now. Proposal * People should be allowed to join Debian when there is reasonably wide-spread consensus that they agree with the project's goals, are committed to working on those goals, and are trustworthy. The best way to determine this is to have some number of people endorse a candidate. However, there should not be too much opposition to a candidate, either. Concrete proposal: max(Q, 20) endorsements, On the one hand, 20 out of 1000 or Q is *very* far from reasonably wide-spread consensus (so that number is low); on the other hand, that number is high: getting 20 (or more) people to know you enough to emit a judgement is hard and mostly unrelated to technical skill, thrustworthiness, commitment, ... It mainly depends on how many existing Debian members you hang out with socially or collaborate rather closely with. It feels to me like it makes the joining process an acutely social process, not something I look unto positively. That's what I mean with this doesn't scale to big groups. Above some size (which Debian has - by far - exceeded), the opposite constraints on the number of people that have to endorse become contradictory. two existing members together can veto. That seems incredibly low; it allows a tiny minority to completely block the whole process. -- Lionel -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Thu, Dec 11, 2008 at 07:53:08PM +, Clint Adams wrote: On Thu, Dec 11, 2008 at 04:42:14PM +0100, Lionel Elie Mamane wrote: That's what I mean with this doesn't scale to big groups. Above some size (which Debian has - by far - exceeded), the opposite constraints on the number of people that have to endorse become contradictory. How does the stauts quo solve this problem? The number of people that have to endorse is low and more or less fixed. It does not require wide consensus for one to become a DD. That seems incredibly low; it allows a tiny minority to completely block the whole process. How does the stauts quo solve this problem? In the status quo, there is no way that if you and I team up, we can block all NM candidates. DAM / NM Front Desk / some small groups could block, but they have a special position based on delegation, we consider them more trustworthy than a random member; if they start behaving in a way we don't want, the DPL / a GR can change the delegation, and all that. What the proposals says is that any two out of the (currently) thousand can block all entrants. This is scary to me. I'm deeply unhappy about the status quo, but for other reasons than these. -- Lionel -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Re: Re-thinking Debian membership
I promised to get back to re-thinking Debian membership processes. After everything that's happened, I think it would be best to postpone discussions about this until after Lenny is released. I am planning to start or join that discussion after the release. (And, yes, I hope to do a DEP on it, but that's pretty much irrelevant to everyone else.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Pierre Habouzit wrote: Note that the whole point is to know that the person in question shall know his/her limits, and know who to ask when in trouble. Not everybody should be a top class programmer if what he/she'll ever do is packaging pure perl extensions. OTOH the first time suck a package will be native, I expect him/here to document him/herself and if unsure to go to the right people. That's only an example of course, there are dozens of examples of such people nowadays that I trust with their judgements to not do anything foolish, beyond what they understand. Sounds just as great as all packages are well maintained because they have maintainers knowing their limits and not packaging stuff they lack skills to support. Proposing to have assessing candidates for membership decentralized in a way similar to package maintenance sounds good until one considers the disastrous effect the rapid growth of Debian had on the quality of the average package. And that portion of junk uploads that is sponsored actually had peer review trough a current Debian developer.[1] We are currently way to shy of actually making people stop Maintainer:ing stuff when they are not up to maintaining it to be optimistic about limiting bad additions to Debian when it is open for anyone to do. Kind regards T. 1. To me it looked like about 2 in 3 RC bugs open in lenny two months after freezing were in the any maintainer or Developer should be able to fix this in little to no time-ballpark of difficulty. -- Thomas Viehmann, http://thomas.viehmann.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 09:56:09PM -0500, Manoj Srivastava wrote: Secondly, What exactly to these members of the project do, if they do not vote or upload packages? They might commit to the webml repository or sent mails to debian-news, e.g. Of course, they could just vote as well, but if we have an extra measure for packagers, maybe also for otherwise contributing members. Michael -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat,25.Oct.08, 21:56:09, Manoj Srivastava wrote: If you are not voting or uploading packages, everythign else you do can be done without a maintainers hat on, so you do not need to be a DD. Does this mean you oppose to the concept of having non-packagers being members of the Debian Project? I do not think you are reading what I wrote. Actually I did, but it seems you didn't understand what I meant and since you were not alone I'll try to explain. Secondly, What exactly to these members of the project do, if they do not vote or upload packages? How are those activities any different from what non-members do? I was talking about Debian Members as persons with a right to vote, but not necessarily packagers. Another alternative to automatic mail/voting as a way of checking if these people are still active would be to have a personalized MIA timer. For a packager the best way would be to reset the timer based on the last upload, but for a translator maybe his last mail with a translation should count. I hope I explained it better this time. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 05:59:40PM +0200, Josselin Mouette wrote: Concrete proposal: max(Q, 20) endorsements, two existing members together can veto. The veto can be done anonymously via the Debian Account Manager to avoid peer pressure to not veto. The DAM only counts the endorsements and vetos, and does not make judgement calls. All endorsements and vetos must happen within 30 days. I don’t think there is much peer pressure to not veto, but making them anonymous is not a big deal. The important thing is that a veto must be motivated; otherwise, two project members could block the whole process. If you add motivations, then you need someone reading the motivation and decide whether they are motivating enough the veto. I guess, the original purpose of Lars was avoid this deciding entity. I'm still not sure about whether I do want it or not, but it is quite clear to me that you need to decide upon the two. * Membership ends 24 months after they're given, or after the latest participation in a vote arranged by the project's Secretary. Members may retire themselves earlier, of course. I’d add counting uploads as well as votes, while making the process quicker. 12 months seems more than enough, maybe even 6. As long as you can easily become a member again later, that’s fine. ACK on counting uploads. An observation though: only using them we can lower the bound to something like 12 months; by only counting votes 24 months is reasonable, because it is the time frame in which we can expect at least two DPL elections. 6 months seem to few to me though, we can imagine DDs maintaining only a few packages which require relatively low maintenance. Cheers. -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 10:49:35PM +0200, Ana Guerrero wrote: Concrete proposal: max(Q, 20) endorsements, two existing members together can veto. The veto can be done anonymously via the Debian Account Manager to avoid peer pressure to not veto. The DAM only counts the endorsements and vetos, and does not make judgement calls. All endorsements and vetos must happen within 30 days. I think max (Q, 20) is a high number, maybe max (Q, 10) ? And as well, 2 person vetoing seems like a small number, maybe 4 or 5? I see a significant flaw here. If endorsement is bound to Q, than veto shall be bound to Q as well. I don't see way one should and the other shouldn't. Most generally, I think that each time we write down numbers of people which are implicitly assumed to represent a fraction of Debian project members, those numbers should always be bound to Q. Cheers. -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 06:12:48AM +, Manoj Srivastava wrote: Hi, One of the issues I have with this proposal is that there seems to be, by design, absolutely no consideration about skill levels or quality of developers. I'll concede that the current process might not do a great job of assessing quality of contribution, but it tries. The new process does not seem to have any such effort. My experience shows that we have been successfully driving away people from DM, where it's mostly on a trust-link/peer review bases, than in NM. There is a couple of people that do not deserve to be DD because they are technically not good enough for the tasks they do in Debian. Note that the whole point is to know that the person in question shall know his/her limits, and know who to ask when in trouble. Not everybody should be a top class programmer if what he/she'll ever do is packaging pure perl extensions. OTOH the first time suck a package will be native, I expect him/here to document him/herself and if unsure to go to the right people. That's only an example of course, there are dozens of examples of such people nowadays that I trust with their judgements to not do anything foolish, beyond what they understand. What we should test is that and only that (okay good understanding of the project, and of the people, and so on is vital too, but I suppose we're only discussing skil-wise). -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpPJLts4ro0L.pgp Description: PGP signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 10:46:13PM +, Helen Faulkner wrote: Aurelien Jarno wrote: Ana Guerrero a écrit : [...] * Membership ends 24 months after they're given, or after the latest participation in a vote arranged by the project's Secretary. Members may retire themselves earlier, of course. No, please, voting should be voluntary. On one side I understand that you don't want make voting mandatory, but I really like the idea of: - activity = you keep your membership - inactivity = you lose your membership Maybe we could find another way to define activity, like (upload || vote || svn commit || ...), which retrigger some time of memberships. Voting is both a right and a responsibility of members in any kind of democracy. How can it be a responsibility if people can simply not bother to vote, with no penalty? FWIW it's a debate that trolls a lot in many EU countries (there are countries like .be where you are forced to, and many other where you're not). I do not expect Debian to be able to solve that problem that has absolutely no trivial solution, and I'd rather see us be on the reasonnable side here. FWIW you talk to a guy who never missed a single election in his country, and I think voting (even white) is very important. Though, I respect people who think that voting is a bad thing, whatever their reasons are. We should not deny Debian citizenship to someone who doesn't care to vote. Really. And yes I know that voting [] (with as many dashes as there are DPL candidates + 1) each year isn't really that of a burden. But there are really simple other way to count activity like uploads, lastlog on some debian machines, or even a reminder mail every year people would have to reply to with a signed mail (and a hash so that people cannot do that with a cron job, that would defeat the feature). -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpgELAgx7H5s.pgp Description: PGP signature
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 07:59:58AM +, Stefano Zacchiroli wrote: On Fri, Oct 24, 2008 at 03:53:46PM +0300, Lars Wirzenius wrote: pe, 2008-10-24 kello 12:18 +0200, Peter Palfrader kirjoitti: On Fri, 24 Oct 2008, Lars Wirzenius wrote: * The keyrings shall be maintained in a way that allows any member to change them, The rationale is simple: to avoid concentration of power into the hands of the few, and keep it in the hands of everyone. Since I believe the decision on someone's membership should be collectively in the hands of all the members, I don't think the task of editing a keyring should be restricted to one or a couple of people. That sounds a bit too extreme to me. [1] Depends how you restrict editing the keyring. I'd say that adding a key shall go through keyring-maint (a bit like DM works nowadays). It's not a complicated job, you mostly have to count points, and ask people to motivate their choices and to keep that record. E.G. it would be this person task to be sure A veto against B is on technical or trust reasons rather than a dislike of B. Updating one's own key on the other hand, or replacing signatures, or... should be a task than one's should be able to do on his own. Only if the old key is invalid for some reason (key was revoked, expired, whatever) then yeah, we should not let that people do it either. -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpHx6s4pFZcl.pgp Description: PGP signature
Re: Re-thinking Debian membership
pe, 2008-10-24 kello 23:47 -0700, Steve Langasek kirjoitti: I think it would be more sensible to kick out the people who don't do anything for the project *except* vote. That is certainly a good point. The reason I propose counting voting only is that that's the only action all DD would have in common that would be unambiguous. Not every DD would be uploading packages, and other stuff like mailing list activity, commits to version control systems, editing the wiki, BTS activity, etc, is a long list of possibilities we would have to draw lines around in some way. For example, is it enough to be occasionally active on -user? Is once a year enough? Should the quality of one's packages be a concern? How do we coalesce [EMAIL PROTECTED] and [EMAIL PROTECTED] and other e-mail addresses for the same person, especially if not all of them are in the key in Debian's keyring? I like simplicity, so I chose the simple option. There does not seem to be a consensus that this is a good option, so I'll amend my proposal accordingly. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
la, 2008-10-25 kello 09:59 +0200, Stefano Zacchiroli kirjoitti: A scenario I want to avoid for example is that newcomers can alter the keyring adding tens of friends. Such a possibility would imply that if Debian as a project fails *once* in checking IDs and motivations for *a single* newcomer, than that newcomer can screw us badly adding a whole lot of people. I presume the range of nasty scenarios starting from this one is quite big. I would like to stress that my proposal says that any changes should be easy to undo. This is especially true for anything that may result in nasty scenarios. I haven't thought about the mechanics of this yet in any particular detail, but there are so many ways in which keyring maintenance could be arranged to achieve the goal of my proposal that I'm not worried it can't be implemented. That doesn't mean I'm adamant on having the keyring be NMUable by any DD. As an aside, I realize that all of my proposal is written very quickly, and is very short. The length is mostly a good thing. I wanted to get the idea out soon, and to see how the discussion goes. Since the core parts of my proposal seem to be received mostly in a positive manner, I think it's time to start working on a more detailed proposal, and I hope to use the DEP process for it, and gather input from all relevant or interested parties in the project. I probably won't have time to work on it for a few days, and it might be good to postpone most of it until after lenny is released anyway. However, since Joerg started the discussion, I think it was appropriate to throw the idea out now. More generally, the solution to concentration of powers is making sure that the same people do not play too many roles in core teams (ideally, max 1), because that gets rid of communications to self, which are always hidden to the rest of the project. I think that would be a good idea. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Hi, One of the issues I have with this proposal is that there seems to be, by design, absolutely no consideration about skill levels or quality of developers. I'll concede that the current process might not do a great job of assessing quality of contribution, but it tries. The new process does not seem to have any such effort. Given human nature, seems like it is likely for folks to vote in their buddies, not based on merit, but on liking them (do you know how hard it is for people to not add friends to their social network sites?) I also acknowledge that testing for quality is a Hard Problem. And that it is hard not to have a process with the kind of bias that inclusion by popularity contest (which the new process would have a proclivity to being) does. But there is an effort towwards that in the current process that is being thrown out with the bath water. manoj -- The Arkansas legislature passed a law that states that the Arkansas River can rise no higher than to the Main Street bridge in Little Rock. Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 09:46:13AM +1100, Helen Faulkner wrote: Voting is both a right and a responsibility of members in any kind of democracy. How can it be a responsibility if people can simply not bother to vote, with no penalty? I think that's a peculiarly Australian way of looking at the question. As an American, I consider it my civic duty to be an educated voter. The penalty for not being an educated voter is bad government. (Whereas the reward for being an educated voter is *knowing* that your government is bad in spite of your efforts.) Since you don't have a statutory penalty for voters not being well-*informed*, why should there be a penalty for not voting, either? The first advantage is that people tend to consider voting as their responsibility. It means they engage with and take more responsibility for the entire government process. If something is wrong they are more likely to feel responsible for that and to want to fix it, rather than whinging about it without doing anything, because it's not my fault, I didn't vote. I voted. Both times. It's still not my fault. The second advantage is that when voter turnout is nearly 100% (always some people are sick or whatever), the result reflects the viewpoint of nearly the entire population. This means that you aren't always just voting on the issues that polarise the community, and the voters aren't only the people who feel so strongly about those issues that they turn out to vote. It results in more moderate, less extreme politics, in general, and less dramatic changes when governments change. One only has to compare politics in the US and in Australia to see this effect in action. Really? John Howard is an example of less extreme politics? In the US, we find it more efficient to elect fascist leaders to betray the interests of the common people /without/ obliging everyone to go to the polls in order to achieve this result. Given the low turnout for most Debian elections, I believe that making voting mandatory could only be a healthy thing for Debian. In this case, the penalty would be very low, since there are usually several votes in a year, and skipping one wouldn't affect a person's membership in the democracy. However skipping several would. I think using this as a measure of involvement in and commitment to Debian would be a very sensible thing. I think it would be more sensible to kick out the people who don't do anything for the project *except* vote. That's not to say that I'm altogether opposed to making voting mandatory in Debian, but if we're really concerned that people are hanging onto their status long after they should have stepped down of their own accord, the last thing I think we should do is encourage these people to influence the outcome of Debian votes. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developerhttp://www.debian.org/ [EMAIL PROTECTED] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 03:53:46PM +0300, Lars Wirzenius wrote: pe, 2008-10-24 kello 12:18 +0200, Peter Palfrader kirjoitti: On Fri, 24 Oct 2008, Lars Wirzenius wrote: * The keyrings shall be maintained in a way that allows any member to change them, The rationale is simple: to avoid concentration of power into the hands of the few, and keep it in the hands of everyone. Since I believe the decision on someone's membership should be collectively in the hands of all the members, I don't think the task of editing a keyring should be restricted to one or a couple of people. That sounds a bit too extreme to me. [1] Trust don't scale very well, and while I agree with the general principle of diminishing concentration of powers, I would be against such a proposal. A scenario I want to avoid for example is that newcomers can alter the keyring adding tens of friends. Such a possibility would imply that if Debian as a project fails *once* in checking IDs and motivations for *a single* newcomer, than that newcomer can screw us badly adding a whole lot of people. I presume the range of nasty scenarios starting from this one is quite big. The solution to the past problems we had with keyring management is having a bigger keyring team (3/4 people?), but not that big. More generally, the solution to concentration of powers is making sure that the same people do not play too many roles in core teams (ideally, max 1), because that gets rid of communications to self, which are always hidden to the rest of the project. My 0.02€. [1] I'm also convinced this feeling reflects those of most of us, but of course there is no intention of trying being authoritative. -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 02:49:13PM +0200, Michael Hanke wrote: Thinking about this again, 'public' access to the keyring could also be a way to address the 'large number of inactive developers' -- _if_ they exist. Anyone could trigger the removal of anybody (using the staging approach outlined above) -- cleaning the keyring becomes much like mass bug reporting (and maybe should even follow the same procedure, ie. announce what you want, let it be discussed publicly, ...) No, we already have a procedure for that. If you want to help over with that, step in and help the currently understaffed MIA team. Cheers. -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Sat, 25 Oct 2008, Stefano Zacchiroli wrote: On Fri, Oct 24, 2008 at 02:49:13PM +0200, Michael Hanke wrote: Thinking about this again, 'public' access to the keyring could also be a way to address the 'large number of inactive developers' -- _if_ they exist. Anyone could trigger the removal of anybody (using the staging approach outlined above) -- cleaning the keyring becomes much like mass bug reporting (and maybe should even follow the same procedure, ie. announce what you want, let it be discussed publicly, ...) No, we already have a procedure for that. If you want to help over with that, step in and help the currently understaffed MIA team. If somebody wanted to tackle the issue right now, there's also the echelon information in LDAP. Together with a list of people who have neither set a new password since the SSL thing nor uploaded ssh keys we might get a list of candidates. Contact DSA if you want to look into it (echelon is public, keys can be found in /var/lib/misc on project machines, passwords you'll have to ask for). -- | .''`. ** Debian GNU/Linux ** Peter Palfrader | : :' : The universal http://www.palfrader.org/ | `. `' Operating System | `-http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 04:53:28PM +0200, Leo costela Antunes wrote: Or implementing something like the suggestion from Michael Hanke[0], making the process open, but not immediate. No, it is not enough. The public visibility of changes on a wiki does not grant that every single page do not get rotten over time. Are you following closely the addition to the DM keyring? I'm not. I wouldn't be doing that in the long run even if I knew that it is a collective responsibility. And sooner or later it will happen that a change won't be looked at thoroughly by anybody. I don't want to get there. Cheers. PS .oO( joke where are all the people which were shouting at collaborative maintenance because nobody feels responsible when I need them /joke ) :-) -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 10:02:42AM +0200, Stefano Zacchiroli wrote: On Fri, Oct 24, 2008 at 02:49:13PM +0200, Michael Hanke wrote: Thinking about this again, 'public' access to the keyring could also be a way to address the 'large number of inactive developers' -- _if_ they exist. Anyone could trigger the removal of anybody (using the staging approach outlined above) -- cleaning the keyring becomes much like mass bug reporting (and maybe should even follow the same procedure, ie. announce what you want, let it be discussed publicly, ...) No, we already have a procedure for that. Well, there is already a procedure for everything, but that doesn't mean that the status quo is optimal. If you want to help over with that, step in and help the currently understaffed MIA team. This is the main point! Changing the default from 'once in, in forever' to 'in as long as being active' makes the MIA team obsolete. I do realize, that it is not that simple. As we have the concept of packages being more or less 'owned' by their maintainers, some desire to determine whether a package has to be orphaned remains -- which has to be done someone. But the whole situation, including the workload of the MIA team should improve dramatically once each project member gets an automatic expiration date attached, because it shifts the need to initiate an action from 'the project' to its members. Michael -- GPG key: 1024D/3144BE0F Michael Hanke http://apsy.gse.uni-magdeburg.de/hanke ICQ: 48230050 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat,25.Oct.08, 00:36:06, Aurelien Jarno wrote: My point is that if your only activity in Debian is periodically answering an automated email, I don't see the point of staying member of the project. How about this: every Debian Member chooses his own method of stating I am active in the Project. For a packager this could be an upload, for a translator it could be a new/updated translation (either by commit to a VCS or by sending it to some public mailing list),... whatever makes him so important for the Debian Project as to retain his membership. Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Re-thinking Debian membership
Le samedi 25 octobre 2008 à 01:12 -0500, Manoj Srivastava a écrit : One of the issues I have with this proposal is that there seems to be, by design, absolutely no consideration about skill levels or quality of developers. I'll concede that the current process might not do a great job of assessing quality of contribution, but it tries. The new process does not seem to have any such effort. On the contrary, peer review is the only process we have today that correctly asses quality. Require DD endorsement to be justified, as well as the veto, and you’ll get a picture of the skills of the candidate. -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `-our own. Resistance is futile. signature.asc Description: Ceci est une partie de message numériquement signée
Re: Re-thinking Debian membership
On Sat, Oct 25 2008, Andrei Popescu wrote: On Sat,25.Oct.08, 00:36:06, Aurelien Jarno wrote: My point is that if your only activity in Debian is periodically answering an automated email, I don't see the point of staying member of the project. How about this: every Debian Member chooses his own method of stating I am active in the Project. For a packager this could be an upload, for a translator it could be a new/updated translation (either by commit to a VCS or by sending it to some public mailing list),... whatever makes him so important for the Debian Project as to retain his membership. No. Activity must mean something concrete, Just sending email is not concrete evidence of actually doing something. Since liw defined voting and package uploads as defining characteristics of a developer, I posit that those activities are the only things that make sense about maintaining an active status in the project. If you are not voting or uploading packages, everythign else you do can be done without a maintainers hat on, so you do not need to be a DD. manoj -- Mr. Spock succumbs to a powerful mating urge and nearly kills Captain Kirk. TV Guide, describing the Star Trek episode _Amok_Time_ Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat, Oct 25 2008, Josselin Mouette wrote: Le samedi 25 octobre 2008 à 01:12 -0500, Manoj Srivastava a écrit : One of the issues I have with this proposal is that there seems to be, by design, absolutely no consideration about skill levels or quality of developers. I'll concede that the current process might not do a great job of assessing quality of contribution, but it tries. The new process does not seem to have any such effort. On the contrary, peer review is the only process we have today that correctly asses quality. Require DD endorsement to be justified, as well as the veto, and you’ll get a picture of the skills of the candidate. Then I would like to see some language like this added to the proposal. If for nothing else, then to dispell the spectre of a bunch (cabal, if you prefer) DD's just inviting their cronies into Debian, by lowering the bar on skill levels. I also think there might be the facebook/social site effect: without the active requirements on advocacy (the justification you talk about), people can feel pressurred to advocate (I get all these link request on linked in. some from people I have no idea about. I have rejected two or three of these things, but usually I just vote to let them in into my circle of friends. Why? because the cost of saying yes is so low, and I do not want to piss off someone who might later be in a position to help me [think DAM]). Now, I might be getting too paranoid about potential for cronyism (am I channeling Clint?), but I do think some language should be added about the voting. There should be, for example, required sections about skill sets, and how the advocate personally knows about it, sections on previous work done for debian, and a section on collegiality (he gets along well, does not blow his top). I think such clarifications on the justification for voting in or vetoing would improve this proposal. manoj -- Ed Sullivan will be around as long as someone else has talent. Fred Allen Manoj Srivastava [EMAIL PROTECTED] http://www.debian.org/~srivasta/ 1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat,25.Oct.08, 09:41:35, Manoj Srivastava wrote: If you are not voting or uploading packages, everythign else you do can be done without a maintainers hat on, so you do not need to be a DD. Does this mean you oppose to the concept of having non-packagers being members of the Debian Project? Regards, Andrei -- If you can't explain it simply, you don't understand it well enough. (Albert Einstein) signature.asc Description: Digital signature
Re: Re-thinking Debian membership
Andrei Popescu [EMAIL PROTECTED] writes: On Sat,25.Oct.08, 09:41:35, Manoj Srivastava wrote: If you are not voting or uploading packages, everythign else you do can be done without a maintainers hat on, so you do not need to be a DD. Does this mean you oppose to the concept of having non-packagers being members of the Debian Project? What does “member of the Debian project” mean if it excludes both the activities of voting and package uploading? -- \“Pinky, are you pondering what I'm pondering?” “Wuh, I think | `\ so, Brain, but isn't Regis Philbin already married?” —_Pinky | _o__) and The Brain_ | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Sat, Oct 25, 2008 at 10:29:54AM +0200, Michael Hanke wrote: If you want to help over with that, step in and help the currently understaffed MIA team. This is the main point! Changing the default from 'once in, in forever' to 'in as long as being active' makes the MIA team obsolete. I do realize, that it is not that simple. As we have the concept of packages being more or less 'owned' by their maintainers, some desire to determine whether a package has to be orphaned remains -- which has to be done someone. But the whole situation, including the workload of the MIA team should improve dramatically once each project member gets an automatic expiration date attached, because it shifts the need to initiate an action from 'the project' to its members. Fair enough, this is possibly a _wonderful_ idea! Still, I believe that the appropriate where to discuss this is with the MIA team, because they do have experience in dealing with these kind of issues, don't you think? -- Stefano Zacchiroli -*- PhD in Computer Science \ PostDoc @ Univ. Paris 7 [EMAIL PROTECTED],pps.jussieu.fr,debian.org} -- http://upsilon.cc/zack/ Dietro un grande uomo c'è sempre /oo\ All one has to do is hit the right uno zaino-- A.Bergonzoni \__/ keys at the right time -- J.S.Bach signature.asc Description: Digital signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 2:14 PM, Lars Wirzenius [EMAIL PROTECTED] wrote: The other end of the membership process is screwed up too. We should not have to actively seek out members who are Missing In Action. Staying a member in Debian should be an active process: if you don't do anything, you should be automatically retired. +1 -- Cheers, Kartik Mistry | 0xD1028C8D | IRC: kart_ Homepage: people.debian.org/~kartik Blog.en: ftbfs.wordpress.com Blog.gu: kartikm.wordpress.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Hi, On Fri, Oct 24, 2008 at 11:44:03AM +0300, Lars Wirzenius wrote: I do not like the way Joerg wants to change the way people become and are members of the Debian project. It's not all bad, but on the whole it makes some of the worst parts of Debian become worse. It concentrates power into fewer hands, removes some of the benefits of the Debian Maintainer process, adds more hoops to jump through, and makes the whole question of what it means to be a member of Debian massively complicated. snip I wholeheartedly second this proposal (one question below). I believe that there is no alternative to making the membership structure/process _much_ simpler. Being a Debian Contributer (whatever that really is) for some years, I recently had more and more trouble to explain the different status groups to outsiders. With the addition of even more groups I fear that I would completely loose it. Proposal * People should be allowed to join Debian when there is reasonably wide-spread consensus that they agree with the project's goals, are committed to working on those goals, and are trustworthy. The best way to determine this is to have some number of people endorse a candidate. However, there should not be too much opposition to a candidate, either. Concrete proposal: max(Q, 20) endorsements, two existing members together can veto. The veto can be done anonymously via the Debian Account Manager to avoid peer pressure to not veto. The DAM only counts the endorsements and vetos, and does not make judgement calls. All endorsements and vetos must happen within 30 days. * Membership in the project gives both voting and upload rights. * Membership ends 24 months after they're given, or after the latest participation in a vote arranged by the project's Secretary. Members may retire themselves earlier, of course. What does this mean? It automatically ends after a vote or two years? Or is it rather (semi)automatically extended by continued contributions of a yet to be defined type (e.g. package uploads, bug reports/fixes)? * Members may be expelled via the normal General Resolution process, with a simple majority. Ftpmasters may temporarily limit upload rights in an emergency. * Membership is controlled via GnuPG keyrings, primarily maintained by the Debian Account Manager. The keyrings shall be maintained in a way that allows any member to change them, and that is fully transparent to the members in general, and that further makes it easy to undo mistakes. * Upload sponsorships and the limited upload rights via the Debian Maintainer status are unaffected by this proposal. Michael -- GPG key: 1024D/3144BE0F Michael Hanke http://apsy.gse.uni-magdeburg.de/hanke ICQ: 48230050 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, 24 Oct 2008, Lars Wirzenius wrote: * The keyrings shall be maintained in a way that allows any member to change them, Since you refused to explain on IRC, please explain the rationale and use-cases here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Hi, Lars Wirzenius wrote: * Membership is controlled via GnuPG keyrings, primarily maintained by the Debian Account Manager. The keyrings shall be maintained in a way that allows any member to change them, and that is fully transparent to the members in general, and that further makes it easy to undo mistakes. hu? why? Don't you think that this has security implications? And don't you think, there is an interest to protect the security of the Debian project machines? Well, we think that every DD is trustworthy, because we rely on GPG signatures between already trusted people. But after all power you give to people is an appeal to exploit it. So its IMHO not really a good idea to give power to people, who _do not need_ the power. Best Regards, Patrick signature.asc Description: Digital signature
Re: Re-thinking Debian membership
also sprach Lars Wirzenius [EMAIL PROTECTED] [2008.10.24.1044 +0200]: * Membership is controlled via GnuPG keyrings, primarily maintained by the Debian Account Manager. The keyrings shall be maintained in a way that allows any member to change them, and that is fully transparent to the members in general, and that further makes it easy to undo mistakes. There is no way I will ever agree to something like this unless we get rid of all the inactive or careless members we already have. Having hundreds of (potentially unsafe) keys with upload rights to our archive, which isn't actually needed in many many cases is one thing; allowing all these keys to approve or delete members is another. I am all for transparent and flat hierarchies in this regard, but if we go down this road, then it has to be bottom-up, not top-down: we start with an empty keyring, add those that are known to be active and caring, define very good procedures, and then get the ball rolling. -- .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems courage is not the absence of fear, but the decision that something else is more important than fear. -- ambrose redmoon digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: Re-thinking Debian membership
On Friday 2008-10-24, Patrick Schoenfeld wrote: Lars Wirzenius wrote: * Membership is controlled via GnuPG keyrings, primarily maintained by the Debian Account Manager. The keyrings shall be maintained in a way that allows any member to change them, and that is fully transparent to the members in general, and that further makes it easy to undo mistakes. hu? why? Don't you think that this has security implications? And don't you think, there is an interest to protect the security of the Debian project machines? Well, we think that every DD is trustworthy, because we rely on GPG signatures between already trusted people. But after all power you give to people is an appeal to exploit it. So its IMHO not really a good idea to give power to people, who _do not need_ the power. AIUI he's just advocating having the equivalent of a (publicly scrutinized) NMU for the keyring, that is: - have trusted gatekeeper(s) who normally does all changes - have all changes be public (many eyes make all bugs shallow) - also have the possibility for the equivalent of an NMU, for those cases where the gatekeeper is on vacation/to busy/otherwise unavailable/goes rogue. -- Cheers, Cobaco (aka Bart Cornelis) signature.asc Description: This is a digitally signed message part.
Re: Re-thinking Debian membership
Hi, On Fri, Oct 24, 2008 at 01:35:43PM +0200, cobaco wrote: AIUI he's just advocating having the equivalent of a (publicly scrutinized) NMU for the keyring, that is: - have trusted gatekeeper(s) who normally does all changes - have all changes be public (many eyes make all bugs shallow) - also have the possibility for the equivalent of an NMU, for those cases where the gatekeeper is on vacation/to busy/otherwise unavailable/goes rogue. and where is the difference? Still, every DD would be able to kick out every other DD of the keyring. Obvious the only protection against abuse is that it should be public. But that does not help much. If someone removes the key of somebody this causes damage, even if the most obvious damage (the removal itself) can be fixed easy and quick. Regards, Patrick -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 02:12:27PM +0200, Michael Hanke wrote: On Fri, Oct 24, 2008 at 01:49:48PM +0200, Patrick Schoenfeld wrote: Hi, On Fri, Oct 24, 2008 at 01:35:43PM +0200, cobaco wrote: AIUI he's just advocating having the equivalent of a (publicly scrutinized) NMU for the keyring, that is: - have trusted gatekeeper(s) who normally does all changes - have all changes be public (many eyes make all bugs shallow) - also have the possibility for the equivalent of an NMU, for those cases where the gatekeeper is on vacation/to busy/otherwise unavailable/goes rogue. and where is the difference? Still, every DD would be able to kick out every other DD of the keyring. Obvious the only protection against abuse is that it should be public. But that does not help much. If someone removes the key of somebody this causes damage, even if the most obvious damage (the removal itself) can be fixed easy and quick. The keyring does not have to be exposed directly. It could work via a delaying queue or stanging area. Changes commited to be applied to the keyring could be made publicly available for peer-review. This would make it possible that any change could be veto'ed by any other project member during the delay period. If anyone's key is about to be removed from the keyring that person could recieve a message informing about the scheduled removal and could object him/herself. If anyone has to be expelled the DPL/TC/Keyring maintainers could apply the change directly. The same mechanism could be the place for more automatic sanity checks, such as, checking whether a key that is about to be added is properly signed by a certain required number of other project members, ie. something like a keyring-lintian. In general and if trust is the default assumption within the project such procedure would remove a potential human bottleneck and only requires manual intervention if the trust-assumption is violated or something happens that is not (yet) covered by a lintian check. Of course such a system could be abused, but the staging of all changes would make sure that the environment does not suffer from unexpected, harmful changes. Thinking about this again, 'public' access to the keyring could also be a way to address the 'large number of inactive developers' -- _if_ they exist. Anyone could trigger the removal of anybody (using the staging approach outlined above) -- cleaning the keyring becomes much like mass bug reporting (and maybe should even follow the same procedure, ie. announce what you want, let it be discussed publicly, ...) To not lead into chaos, removals probably have to be handled in a different manner than additions. It _might_ be perfectly ok for a DD or DM or DC or whatever to be unresponsive for 3 months -- maybe that should not lead to the removal from the keyring. A sufficiently long delay for removals might solve that. However, if it gets _a lot_ easier to get into the keyring, it even might not be a big thing if one gets removed temporarily. Just ask to be added again, and if noone objects, you're in again -- that's it. Such a rather fast-paced process would let people be members, contributors, porters, translators when they can afford it to be and not after having waited for an unnessary amount of time until some central 'master' has decided that is would be 'the right time'. Some people only have a limited time were they can provided valueable manpower for the benefit of the project -- and I am not talking about hours per day, but rather months per life. Michael -- GPG key: 1024D/3144BE0F Michael Hanke http://apsy.gse.uni-magdeburg.de/hanke ICQ: 48230050 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
pe, 2008-10-24 kello 11:42 +0200, Michael Hanke kirjoitti: What does this mean? It automatically ends after a vote or two years? Or is it rather (semi)automatically extended by continued contributions of a yet to be defined type (e.g. package uploads, bug reports/fixes)? You become a member, and you'll be a member for two years. If you vote, the timer resets and you will again be a member for two years. Vote again, and the timer resets again. Etc. The resetting is automatic, as is the retiring. No other contributions are counted, just voting (an abstain vote is fine), because otherwise we get into a mess of defining what kind of contribution counts and what does not. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
pe, 2008-10-24 kello 12:18 +0200, Peter Palfrader kirjoitti: On Fri, 24 Oct 2008, Lars Wirzenius wrote: * The keyrings shall be maintained in a way that allows any member to change them, Since you refused to explain on IRC, please explain the rationale and use-cases here. To be accurate, I asked you to move the discussion to -project. Here, it is visible to everyone, and doesn't require the kind of real-time attention that IRC does. The rationale is simple: to avoid concentration of power into the hands of the few, and keep it in the hands of everyone. Since I believe the decision on someone's membership should be collectively in the hands of all the members, I don't think the task of editing a keyring should be restricted to one or a couple of people. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
pe, 2008-10-24 kello 13:36 +0200, martin f krafft kirjoitti: also sprach Lars Wirzenius [EMAIL PROTECTED] [2008.10.24.1044 +0200]: * Membership is controlled via GnuPG keyrings, primarily maintained by the Debian Account Manager. The keyrings shall be maintained in a way that allows any member to change them, and that is fully transparent to the members in general, and that further makes it easy to undo mistakes. There is no way I will ever agree to something like this unless we get rid of all the inactive or careless members we already have. I'm all for moving inactive people to retirement status. The fact that we don't do that well is one of the things I believe my proposal will mostly fix. Having hundreds of (potentially unsafe) keys with upload rights to our archive, which isn't actually needed in many many cases is one thing; allowing all these keys to approve or delete members is another. Since any changes need to be easy to undo, and we need safeguards around such decisions anyway, I don't see a problem. For example, there could be a time-delay between adding a new member and the time when they can actually log in. Ditto for removing a member. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 12:31:36PM +0200, Patrick Schoenfeld wrote: So its IMHO not really a good idea to give power to people, who _do not need_ the power. Why not? Is this the same reason it's not a good idea to let people have liquids on airplanes? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 03:50:28PM +0300, Lars Wirzenius wrote: pe, 2008-10-24 kello 11:42 +0200, Michael Hanke kirjoitti: What does this mean? It automatically ends after a vote or two years? Or is it rather (semi)automatically extended by continued contributions of a yet to be defined type (e.g. package uploads, bug reports/fixes)? You become a member, and you'll be a member for two years. If you vote, the timer resets and you will again be a member for two years. Vote again, and the timer resets again. Etc. The resetting is automatic, as is the retiring. No other contributions are counted, just voting (an abstain vote is fine), because otherwise we get into a mess of defining what kind of contribution counts and what does not. If you're going to do this, there should also be another way than voting for people to reset their timer. I wouldn't want to see people having to propose a null vote because they didn't care for any official votes during the last two years and now find themselves in danger of being kicked out because they consider actually working on Debian to be of more importance than voting. Just a mailbot should be enough there, I guess. (not that I endorse the whole, but I thought this was important) -- Lo-lan-do Home is where you have to wash the dishes. -- #debian-devel, Freenode, 2004-09-22 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Wouter Verhelst [EMAIL PROTECTED] writes: If you're going to do this, there should also be another way than voting for people to reset their timer. I wouldn't want to see people having to propose a null vote because they didn't care for any official votes during the last two years and now find themselves in danger of being kicked out because they consider actually working on Debian to be of more importance than voting. Sending a simple abstain to a DPL vote every other year would be more work than proposing a null GR vote? But then again, I'm not against adding more checks, maybe include package uploads and LDAP information changes? I like Lars' proposal. The only issue I have is how secure can an automated keyring be. -- * Sufficiently advanced magic is indistinguishable from technology (T.P) * * PGP public key available @ http://www.iki.fi/killer * -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
also sprach Clint Adams [EMAIL PROTECTED] [2008.10.24.1502 +0200]: Why not? Is this the same reason it's not a good idea to let people have liquids on airplanes? No, for the same reasons that you exit a root shell when you are done with whatever required you to open one, or that you don't stand in the middle of a road while reading the map. Come on, Clint! -- .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems wickedness is a myth invented by good people to account for the curious attraction of others. -- oscar wilde digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 03:23:34PM +0200, martin f krafft wrote: No, for the same reasons that you exit a root shell when you are done with whatever required you to open one, or that you don't stand in the middle of a road while reading the map. Come on, Clint! Those are decisions I make myself, to protect myself or others. See any difference there? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Le vendredi 24 octobre 2008 à 13:49 +0200, Patrick Schoenfeld a écrit : and where is the difference? Still, every DD would be able to kick out every other DD of the keyring. Obvious the only protection against abuse is that it should be public. Every DD is already able to upload a package that does rm -rf /. If we can allow someone to do that on every developer’s machine and not to add or remove people to the keyring, I’m much interested in the reason why. -- .''`. : :' : We are debian.org. Lower your prices, surrender your code. `. `' We will add your hardware and software distinctiveness to `-our own. Resistance is futile. signature.asc Description: Ceci est une partie de message numériquement signée
Re: Re-thinking Debian membership
also sprach Clint Adams [EMAIL PROTECTED] [2008.10.24.1528 +0200]: No, for the same reasons that you exit a root shell when you are done with whatever required you to open one, or that you don't stand in the middle of a road while reading the map. Come on, Clint! Those are decisions I make myself, to protect myself or others. See any difference there? No. -- .''`. martin f. krafft [EMAIL PROTECTED] : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systems everyone smiles as you drift past the flower that grows so incredibly high. -- the beatles digital_signature_gpg.asc Description: Digital signature (see http://martin-krafft.net/gpg/)
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 04:18:04PM +0300, Kalle Kivimaa wrote: Wouter Verhelst [EMAIL PROTECTED] writes: If you're going to do this, there should also be another way than voting for people to reset their timer. I wouldn't want to see people having to propose a null vote because they didn't care for any official votes during the last two years and now find themselves in danger of being kicked out because they consider actually working on Debian to be of more importance than voting. Sending a simple abstain to a DPL vote every other year would be more work than proposing a null GR vote? Certainly not. However, it is also easier for people to say hi bot, I'm still active than it is for them to remember whether or not they've voted in the last two years when a new vote comes up. As a Belgian citizen, with our laws on compulsory voting, I already have a legal requirement to participate in one particular voting system. Suffice to say that I'd rather die than see Debian implement something similar. -- Lo-lan-do Home is where you have to wash the dishes. -- #debian-devel, Freenode, 2004-09-22 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Re-thinking Debian membership
Lars Wirzenius wrote: Having hundreds of (potentially unsafe) keys with upload rights to our archive, which isn't actually needed in many many cases is one thing; allowing all these keys to approve or delete members is another. Since any changes need to be easy to undo, and we need safeguards around such decisions anyway, I don't see a problem. For example, there could be a time-delay between adding a new member and the time when they can actually log in. Ditto for removing a member. Or implementing something like the suggestion from Michael Hanke[0], making the process open, but not immediate. Giving enough time and opportunity to those currently working to filter changes _in_, to start filtering changes _out_. However, I don't get how the interaction between DAM approval and the free-for-all editing of keyring is supposed to work out. If any DD (or whatever you call if) has the right to make changes to the keyring, what's the use of DAM endorsement vs veto counting? I figure this could be implemented automatically, like a .commands file with multiple signers as endorsements and another (possibly also multi-signed) .commands file as a veto. And I second the thought that counting just votes as keep-alive is perhaps too strict. Aside from that, I agree with the idea. Cheers [0] http://lists.debian.org/debian-project/2008/10/msg00154.html -- Leo costela Antunes [insert a witty retort here] signature.asc Description: OpenPGP digital signature
Re: Re-thinking Debian membership
On Fri, Oct 24, 2008 at 08:44:03AM +, Lars Wirzenius wrote: I do not like the way Joerg wants to change the way people become and are members of the Debian project. It's not all bad, but on the whole it makes some of the worst parts of Debian become worse. It concentrates power into fewer hands, removes some of the benefits of the Debian Maintainer process, adds more hoops to jump through, and makes the whole question of what it means to be a member of Debian massively complicated. I think we should go in the opposite direction: massively simplify the whole membership thing. I tremendously agree with this, and reckon this proposal is way more in the direction of what I'd like to see. I have a couple of minor nitpicks about the proposal, that needs a bit tweaking IMHO, but that can be done through a DEP. I'll try to formulate them, but I've a trip to the US to plan, so I don't really have the time to write about them just now. Mind to start a DEP with this proposal as a basis ? -- ·O· Pierre Habouzit ··O[EMAIL PROTECTED] OOOhttp://www.madism.org pgpAjEUAzWHFc.pgp Description: PGP signature
