Re: Dropping the ownership model
2011/11/22 "Jóhann B. Guðmundsson" : > What do people see as pros and cons continuing to use the current > package ownership model? > > Would it be practical to dropping it altogether which in essence would > make every contributor an "proven packager"? Allowing any packager to commit to most packages is something that we could try. There is a risk of people making undesirable changes, but we won't know until we try. Also, the definition of "undesirable" often depends on some project-specific knowledge that is not documented anywhere, and having the access more open would be an incentive to get this documented. I wouldn't want to get rid of the ownership model altogether, I think there should be a specific person responsible for handling bug reports/RFEs. When a group is responsible to handle something not really pleasant to do, often no single member of that group feels personally responsible. Mirek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On 11/22/2011 05:59 PM, Miloslav Trmač wrote: > 2011/11/22 "Jóhann B. Guðmundsson": >> What do people see as pros and cons continuing to use the current >> package ownership model? >> >> Would it be practical to dropping it altogether which in essence would >> make every contributor an "proven packager"? > Allowing any packager to commit to most packages is something that we > could try. There is a risk of people making undesirable changes, but > we won't know until we try. Also, the definition of "undesirable" > often depends on some project-specific knowledge that is not > documented anywhere, and having the access more open would be an > incentive to get this documented. > > I wouldn't want to get rid of the ownership model altogether, I think > there should be a specific person responsible for handling bug > reports/RFEs. When a group is responsible to handle something not > really pleasant to do, often no single member of that group feels > personally responsible. With that move as in either to SIG or Group model I would think they would have to have set of representitives as in head's of the group/SIG which would be set of individual responsible for overseeing the group activity and at the same time be responsible for all the packages that group/SIG maintains. JBG -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
As much as we have disagreed on the previous topic we might have similar thoughts here :). - Original Message - > From: "Jóhann B. Guðmundsson" > To: "Development discussions related to Fedora" > > Sent: Tuesday, November 22, 2011 7:51:31 PM > Subject: Dropping the ownership model > > What do people see as pros and cons continuing to use the current > package ownership model? > > Would it be practical to dropping it altogether which in essence > would > make every contributor an "proven packager"? Well, everyone becoming a proven packager is going too far from the beginning. Though I have to say that this approach worked quite good in Mandriva in the past. I still remember misc telling me "please don't break too much" . For the few years I maintained packages there I haven't seen a single case of someone abusing his powers. > > Would it be viable to move to something like language SIG based > ownership of packages? SIGs are quite good idea and making more use of them can help providing more structure when in need of getting help. > > As in lower the barrier of entry of contributor without the need and > or > introduction of an package or any sponsorship and have them assigned > to > relevant SIG based on language they either know or want to learn. ( > not > necessarly having to tie packaging with code contribution ). > > The governing body of the SIG would in essence be the once that would > be > responsible for the components. Well SIGs don't really have governing bodies and it is always good to have a concrete name when you look for contacts for some package. Probably packages can be assigned to person and SIG and they are open for everyone from the SIG but still having a concrete name you can talk to. Essentially the SIG will be the owner of the package and a person(s) will be listed as something like primary contact(s). > > So as an example a indvidual skilled in Java who would want to join > the > project would automatically be assigned to the java SIG which in turn > would be assigned and managing all Java related components then the > Java > SIG based on what ever process/workflow they have decided would > assign > to that individual what ever task is needed at current times > prioritized > by the knowledge and resource they posses. As we(Java SIG) have quite similar approach aka someone from the SIG is taking a task he wants to work on and do it no matter who is the maintainer/co-maintainers the current situation is a bit annoying because people have to collect way too many permissions in pkgdb and this is either slowing down the process or depending on some provenpackager to push the work. Such a SIG approach to packaging will definetely make it easier and as long as the packager has access only to the SIG's packages this should not scare other SIGs because new packager in certain SIG wouldn't be able to touch other SIGs packages. Alexander Kurtakov > > So basically the barrier of entry is no higher than what the > individual > wants to learn or knows already as in.. > > Do you know or want to learn python. Join the python SIG etc... > > Do you want to learn distribution packaging join the Packaging SIG > > Or the individual would learn how to package components relevant to > the > SIG he just joined > > Thoughts? > > Far off and totally crazy, you are mad! > > What meds are you on can I have some? > > The SIG approach is something that actually might work... > > JBG > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
Miloslav Trmač wrote: > I wouldn't want to get rid of the ownership model altogether, I think > there should be a specific person responsible for handling bug > reports/RFEs. When a group is responsible to handle something not > really pleasant to do, often no single member of that group feels > personally responsible. All the core KDE packages are de facto SIG-maintained; no matter who the official primary maintainer of the particular package is, we all feel equally responsible for them. This works very well. Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On 11/22/2011 06:51 PM, "Jóhann B. Guðmundsson" wrote: > What do people see as pros and cons continuing to use the current > package ownership model? ownership <=> responsibility > Would it be practical to dropping it altogether which in essence would > make every contributor an "proven packager"? No. a) This would allow any arbitrary clueless newbie to hack around in stuff he fails to understand he is not qualified to do. b) This would encourage an attitude of "lazyness" (Others will do) > Would it be viable to move to something like language SIG based > ownership of packages? Yes, except that this kind of model would require an amount of bureacratic overhead Fedora is not able to supply. > Thoughts? > > Far off and totally crazy, you are mad! No you are naive ;) Ralf -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On Tue, 22 Nov 2011 17:51:31 + "Jóhann B. Guðmundsson" wrote: > What do people see as pros and cons continuing to use the current > package ownership model? > > Would it be practical to dropping it altogether which in essence > would make every contributor an "proven packager"? I'm not sure it would be. > Would it be viable to move to something like language SIG based > ownership of packages? Well, if we did that we would need to revamp SIGs I suppose. We would need to make sure that there was some kind of SIG that covered all packages so people would know who to talk with. Also, currently some SIGs are very active and some really aren't at all. Also, a number of SIGs overlap. > As in lower the barrier of entry of contributor without the need and > or introduction of an package or any sponsorship and have them > assigned to relevant SIG based on language they either know or want > to learn. ( not necessarly having to tie packaging with code > contribution ). One thing thats worth noting here is: http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group#Become_a_co-maintainer As another avenue to becoming a packager. > The governing body of the SIG would in essence be the once that would > be responsible for the components. > > So as an example a indvidual skilled in Java who would want to join > the project would automatically be assigned to the java SIG which in > turn would be assigned and managing all Java related components then > the Java SIG based on what ever process/workflow they have decided > would assign to that individual what ever task is needed at current > times prioritized by the knowledge and resource they posses. > > So basically the barrier of entry is no higher than what the > individual wants to learn or knows already as in.. > > Do you know or want to learn python. Join the python SIG etc... > > Do you want to learn distribution packaging join the Packaging SIG Good example. How do we handle overlaps here? Someone wishes to help with general packaging things, so they need to update the java package guidelines and fix those packages. Do they join the Packaging SIG? Java sig? both? > Or the individual would learn how to package components relevant to > the SIG he just joined > > Thoughts? > > Far off and totally crazy, you are mad! > > What meds are you on can I have some? > > The SIG approach is something that actually might work... I'm not convinced it would, without changing how our sigs are setup. kevin signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
> > As much as we have disagreed on the previous topic we might have similar > thoughts here :). > > - Original Message - >> From: "Jóhann B. Guðmundsson" >> To: "Development discussions related to Fedora" >> >> Sent: Tuesday, November 22, 2011 7:51:31 PM >> Subject: Dropping the ownership model >> >> What do people see as pros and cons continuing to use the current >> package ownership model? >> >> Would it be practical to dropping it altogether which in essence >> would >> make every contributor an "proven packager"? > > Well, everyone becoming a proven packager is going too far from the > beginning. > Though I have to say that this approach worked quite good in Mandriva in > the past. > I still remember misc telling me "please don't break too much" . For the > few years I maintained packages there > I haven't seen a single case of someone abusing his powers. > >> >> Would it be viable to move to something like language SIG based >> ownership of packages? > > SIGs are quite good idea and making more use of them can help providing > more structure when in need of getting help. > > >> >> As in lower the barrier of entry of contributor without the need and >> or >> introduction of an package or any sponsorship and have them assigned >> to >> relevant SIG based on language they either know or want to learn. ( >> not >> necessarly having to tie packaging with code contribution ). >> >> The governing body of the SIG would in essence be the once that would >> be >> responsible for the components. > > Well SIGs don't really have governing bodies and it is always good to have > a concrete name when you look for contacts for some package. > Probably packages can be assigned to person and SIG and they are open for > everyone from the SIG but still having a concrete name you can talk to. > Essentially the SIG will be the owner of the package and a person(s) will > be listed as something like primary contact(s). > >> >> So as an example a indvidual skilled in Java who would want to join >> the >> project would automatically be assigned to the java SIG which in turn >> would be assigned and managing all Java related components then the >> Java >> SIG based on what ever process/workflow they have decided would >> assign >> to that individual what ever task is needed at current times >> prioritized >> by the knowledge and resource they posses. > > As we(Java SIG) have quite similar approach aka someone from the SIG is > taking a task > he wants to work on and do it no matter who is the > maintainer/co-maintainers the current > situation is a bit annoying because people have to collect way too many > permissions in pkgdb > and this is either slowing down the process or depending on some > provenpackager to push the work. > Such a SIG approach to packaging will definetely make it easier and as > long as the packager has > access only to the SIG's packages this should not scare other SIGs because > new packager in certain > SIG wouldn't be able to touch other SIGs packages. This might better reflect reality anyway. There are packages I own where someone else has done most of the heavy lifting for awhile, and others that other people own where I'm doing the heavy lifting. It takes a village, etc, etc. -J > Alexander Kurtakov > >> >> So basically the barrier of entry is no higher than what the >> individual >> wants to learn or knows already as in.. >> >> Do you know or want to learn python. Join the python SIG etc... >> >> Do you want to learn distribution packaging join the Packaging SIG >> >> Or the individual would learn how to package components relevant to >> the >> SIG he just joined >> >> Thoughts? >> >> Far off and totally crazy, you are mad! >> >> What meds are you on can I have some? >> >> The SIG approach is something that actually might work... >> >> JBG >> -- >> devel mailing list >> devel@lists.fedoraproject.org >> https://admin.fedoraproject.org/mailman/listinfo/devel > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel > -- in your fear, seek only peace in your fear, seek only love -d. bowie -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
2011/11/22 "Jóhann B. Guðmundsson" : > What do people see as pros and cons continuing to use the current > package ownership model? I can't speak for anyone else. But for me I'm more than willing to see other contributors work with me to fix things in packages that I "own." I'll even take the heat for a couple of good faith mistakes if they commit something that ends up needing to be reworked. People just have to walk up and talk to me about it and submit a patch. Every time I get a patch that is sane I ask if they want to be a co-owner. In fact I've already transferred ownership a couple of times because my co-owner is more engaged than I am in that packages health. The only thing stopping a other people from working with me on keeping my "niche" packages is interested manpower. "requiring" a SIG approach isn't going to magically make more people interested in keeping the packages I prioritize cobwebless. You are free to organize a SIG that does this sort of work and I will happily throw my packages under the bus and give your SIG some measure of accountability to keep them maintained without having to lose "ownership" myself. If you want a SIG approach to be the cultural norm... then prove to the contributorbase that it works well and start with a subset of packages that your SIG shepards in a communal approach and expand that approach. Don't mandate it. Don't lobby for it. DO IT and provide metrics which show the approach is more sustainable and deals with high volume bug traffic better. -jef -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On Tue, 22 Nov 2011 17:51:31 +, JBG (Jóhann) wrote: > What do people see as pros and cons continuing to use the current > package ownership model? Understand a package's owners as some sort of micro-SIG. The people who sign up as a package's team of owners are the ones who want to be responsible for the package. They also take responsibility for false decisions. And someone (!) needs to decide on whether and when to upgrade, for example. This cannot be an arbitrary person, who doesn't show any interest in a package or its upstream status, but would jump in and perform a random upgrade just because a newer version is available. Or apply fire'n'forget changes without monitoring user feedback (e.g. in bz). It doesn't make sense to try out such a development model. > Would it be practical to dropping it altogether which in essence would > make every contributor an "proven packager"? More difficult to answer. Yes, I think it would be feasible. Many packagers would simply not mess with packages they are not familiar with. They could, but they would not take care of arbitrary packages just because those are group-writable. > Would it be viable to move to something like language SIG based > ownership of packages? (language => programming language?) Then: No. Somebody, who is fluent in C++, does not automatically know the details of arbitrary libs and apps written in C++. And even if you know a certain lib or app rather well, it might be that a fix would require larger code changes better done by the developer(s). That also why many packagers consider themselves plain packagers and not full "package maintainers". > Do you know or want to learn python. Join the python SIG etc... Nothing stops anyone from learning Python and learning about Fedora's Python related packages. > Do you want to learn distribution packaging join the Packaging SIG Same here. > Or the individual would learn how to package components relevant to the > SIG he just joined > > Thoughts? Membership is only useful if you need it to gain access to something. Once you've figured out what you want to change and where, you can ask for access _today_. Fedora is open enough. You need to talk to someone (e.g. an open list), however, as blanket-approval for unknown changes to arbitrary packages or infrastructure is unlikely to happen. ;) -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On 11/22/2011 06:46 PM, Kevin Fenzi wrote: > On Tue, 22 Nov 2011 17:51:31 + > "Jóhann B. Guðmundsson" wrote: > >> What do people see as pros and cons continuing to use the current >> package ownership model? >> >> Would it be practical to dropping it altogether which in essence >> would make every contributor an "proven packager"? > I'm not sure it would be. > >> Would it be viable to move to something like language SIG based >> ownership of packages? > Well, if we did that we would need to revamp SIGs I suppose. > We would need to make sure that there was some kind of SIG that covered > all packages so people would know who to talk with. Also, currently > some SIGs are very active and some really aren't at all. Also, a number > of SIGs overlap. Yup moving to SIG based/Group ownership based approach would certainly require revamping their current status. > >> As in lower the barrier of entry of contributor without the need and >> or introduction of an package or any sponsorship and have them >> assigned to relevant SIG based on language they either know or want >> to learn. ( not necessarly having to tie packaging with code >> contribution ). > One thing thats worth noting here is: > > http://fedoraproject.org/wiki/How_to_get_sponsored_into_the_packager_group#Become_a_co-maintainer > > As another avenue to becoming a packager. Cant these things to be separately completely as in the requirement to become "packager" to be able to contribute to a package and the need for sponsor ship be dropped in the process. Atleast the one way as I see it is to move the SIG/Group based ownerships of components anykind of barrier of entry would be removed for participation and if/when the SIG/Group deems the individual ready it will handle granting him any permissions the individual might lack over the packages they oversee. > >> The governing body of the SIG would in essence be the once that would >> be responsible for the components. >> >> So as an example a indvidual skilled in Java who would want to join >> the project would automatically be assigned to the java SIG which in >> turn would be assigned and managing all Java related components then >> the Java SIG based on what ever process/workflow they have decided >> would assign to that individual what ever task is needed at current >> times prioritized by the knowledge and resource they posses. >> >> So basically the barrier of entry is no higher than what the >> individual wants to learn or knows already as in.. >> >> Do you know or want to learn python. Join the python SIG etc... >> >> Do you want to learn distribution packaging join the Packaging SIG > Good example. How do we handle overlaps here? Y Would we need to as in would not an individual be able to participate in as many SIG's/Groups as he wants too? > Someone wishes to help with general packaging things, so they need to > update the java package guidelines and fix those packages. Do they join > the Packaging SIG? Java sig? both? Yeah why not joining both however he ofcourse would need to follow anykind of packaging standards the Java SIG ( Or any SIG/Group he might be a part of ) would have should that package be overseed by the Java SiG ( Or any relevant SIG/Group he might be a part of ), >> Or the individual would learn how to package components relevant to >> the SIG he just joined >> >> Thoughts? >> >> Far off and totally crazy, you are mad! >> >> What meds are you on can I have some? >> >> The SIG approach is something that actually might work... > I'm not convinced it would, without changing how our sigs are setup. That ofcourse might need some rethinking. JBG -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
On Tue, 2011-11-22 at 13:20 -0500, Aleksandar Kurtakov wrote: > > Would it be practical to dropping it altogether which in essence > > would > > make every contributor an "proven packager"? > > Well, everyone becoming a proven packager is going too far from the > beginning. > Though I have to say that this approach worked quite good in Mandriva in the > past. > I still remember misc telling me "please don't break too much" . For the few > years I maintained packages there > I haven't seen a single case of someone abusing his powers. Well, it's worth noting that while I also don't remember a case of anyone _intentionally_ abusing powers, there were cases where someone would make a change the nominal owner of the package had considered and actively decided not to make, or people would override each other's whitespace preferences, or things like that. None insurmountable, but it's worth noting there'd likely be some friction as a result of such a change, and people would need to learn appropriate ways of dealing with it. (I found that when there was some change I specifically didn't want to happen to a package, it was best to add an explicit comment threatening various hideous consequences to anyone who made such a change. Viz the top of http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/libopensync/current/SPECS/libopensync.spec?revision=679177&view=markup .) -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
* "Jóhann B. Guðmundsson" [22/11/2011 19:28] : > > What do people see as pros and cons continuing to use the current > package ownership model? Pro: it enforces responsibility. The way things currently work, it's relatively obvious whose work it is to fix a given bug. Con: the thing that kicked off the cleanup thread. A package which has an maintainer that doesn't know how to fix it, no co-maintainers and that isn't high-profile enough to grab the attention of a proven-packager will not be updated/fixed/improved. > Would it be viable to move to something like language SIG based > ownership of packages? For every single package? Probably not. FTR, How is this different from co-maintership? > As in lower the barrier of entry of contributor without the need and or > introduction of an package or any sponsorship and have them assigned to > relevant SIG based on language they either know or want to learn. ( not > necessarly having to tie packaging with code contribution ). While I'm all for having more maintainers and co-maintainers, I'ld worried that lowering the barrier of entry will lead to packagers who don't have the skills necessary to fix the problems that their packages will have. > The governing body of the SIG would in essence be the once that would be > responsible for the components. For a number of SIGs, this is already the case. As Kevin has said, the KDE SIG works like this and there's a high sense of ownership in the Perl SIG. > Do you know or want to learn python. Join the python SIG etc... I'm not convinced that joining a language SIG is going to help you learn said language. Seeing diffs of spec files go by won't get you very far. Emmanuel -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
tis 2011-11-22 klockan 17:51 + skrev "Jóhann B. Guðmundsson": > What do people see as pros and cons continuing to use the current > package ownership model? ownership is some times misappropriated with others doing all the work, but it's also of little practical meaning in the end. Would probably make sense to drop the separate ownership indication as such in favor of only using approveacls as ownership indicatior. This allows for a more diversified ownership and smoother transitions in ownership. > Would it be practical to dropping it altogether which in essence would > make every contributor an "proven packager"? no, but perhaps opening up git access a bit would, allowing packagers to commit changes to any package just not submit a non-scratch build for packages they are not approved on. But there may need some safeguards to alert provenpackagers if there is pending changes not yet officially built in a package they are modifying as part of a mass rebuild or other cleanup, but such safeguards probably makes sense no matter who made those changes for whatever reason as even assigned maintainers of the package may have committed changes not quite ready for release yet. > Would it be viable to move to something like language SIG based > ownership of packages? I would argue that the mechanisms needed for a SIG to use this model is pretty much in place already by making use of the co-maintainer route. There is also a lot of packages which do not fit in any particular SIG in that sense. > So basically the barrier of entry is no higher than what the individual > wants to learn or knows already as in.. And in reality it isn't. The barriers are mostly an illusion. There is a very high barrier for entering the packaging group by submitting a new package, and that barrier should be high to review the quality of that package and it's packaging. But the barrier for entering as a co-maintainer is only to show interest, skill and communication. Interested SIGs could do a great job in attracting co-maintainers to the packages they care about by setting up co-maintainership as a goal for the SIG. It should be quite visible to the any active SIG when there is people who may be suitable candidates for co-maintaing their packages. Reach out and invite people! Regards Henrik -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
Excerpts from Kevin Kofler's message of Tue Nov 22 19:24:22 +0100 2011: > Miloslav Trmač wrote: > > I wouldn't want to get rid of the ownership model altogether, I think > > there should be a specific person responsible for handling bug > > reports/RFEs. When a group is responsible to handle something not > > really pleasant to do, often no single member of that group feels > > personally responsible. > > All the core KDE packages are de facto SIG-maintained; no matter who the > official primary maintainer of the particular package is, we all feel > equally responsible for them. This works very well. All (or most) code KDE packages come from the same source, have the same build system, same quality standards etc. This is not really true for most "package sets" a group of people might be interested in. They will share some similarity (common macros, standard sub-packages etc.) but vary greatly otherwise. Since Java packages were already mentioned, we have hundreds of them. There are sets of packages that are similar to KDE (apache-commons-*), but most of java packages are coming from different sources. Some upstreams bundle dependencies, some don't etc. That said we welcome comaintainers and I've never been shouted at for using my provenpackager privileges to update spec to latest guidelines or for fixing a bug. But even though I know our Maven build system in and out, it's sometimes hard to predict failures caused by some changes. A single mistake in package can result in big problems (where even raising Epoch wouldn't help because build would fail). So I'd modify the proposal a bit...loosen the requirements on rawhide. If someone screws it up there, no problem. It will be found soon enough even if the problem is somewhere deep down in the basic dependencies. -- Stanislav Ochotnicky Software Engineer - Base Operating Systems Brno PGP: 7B087241 Red Hat Inc. http://cz.redhat.com signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Dropping the ownership model
Le mardi 22 novembre 2011 à 13:20 -0500, Aleksandar Kurtakov a écrit : > As much as we have disagreed on the previous topic we might have similar > thoughts here :). > > - Original Message - > > From: "Jóhann B. Guðmundsson" > > To: "Development discussions related to Fedora" > > > > Sent: Tuesday, November 22, 2011 7:51:31 PM > > Subject: Dropping the ownership model > > > > What do people see as pros and cons continuing to use the current > > package ownership model? > > > > Would it be practical to dropping it altogether which in essence > > would > > make every contributor an "proven packager"? > > Well, everyone becoming a proven packager is going too far from the > beginning. > Though I have to say that this approach worked quite good in Mandriva in the > past. > I still remember misc telling me "please don't break too much" . For the few > years I maintained packages there > I haven't seen a single case of someone abusing his powers. Things may have changed a little nowadays :) Mandriva, who use a system similar to what was proposed by Johann, face some issues ( lots of package not officially maintained, so the and that caused some problem ), and recently faced some friction with some contributors. On the other hand, this helped a lot to be able to maintain the distribution with a rather lower number of people. It should be kept in mind that security support on stable is done by a dedicated (often overworked) team, for a supported subset of rpm only, and done by community for the rest ( and that was rather messy ). For Mageia, we ( or at least I ) try to see if a mix between the two could be used : - all packages ( modulo some exceptions ) can be modified by anybody in the proper group ( packager ). People need to be trained before pushing packages. - at least 1 person should responsible of each package ( ie, get bug report, do security update, has the last word in case of issue with others packagers, unless conflict is escalated to $governance_bodies ). But due to various organisational issue ( like having created packages before having a working packager database ), there is still lots of unowned packages. - changes to a package are notified to the maintainer ( and others ). ( not done currently, but on the TODO list since a long time ). Inspired by the kde svn notification system. And we have a rather conservative approach regarding version upgrade, especially during freeze and on stable releases, so the problem of "someone upgraded libfoo and broke some stuff" is lower ( not inexistant but at least, it only touch the devel version, which is less risky than rawhide according to most people, and so more used ). I have also noted people do not like the idea of dropping unmaintained packages, but such is human nature. Some of Mageia packagers have asked for group maintainership, similar to the SIG-maintainer proposal, but for the same reason highlighted in the thread, i fear this would dilute responsibility. Something worth keeping in mind is to separate the actual commit/submit rights from any type of notification. IE, I am quite sure that some people would be happy to get notification of bugs and changes on some packages, without being co-maintainer. This would permit to find co-maintainers more easily IMHO, and surely foster cooperation between various distributions and with upstream. This would also help by engaging testers, etc. -- Michael Scherer -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
