mething about importing a new upstream,
and it really was just a reminder, I would not cite your contribution
unless I used a significant chunk of text you had written.
If you gave me bad info and I didn't catch it, then we learn I probably
should not be trusted to pick good sources for my education.
--Sam
he moral issues are going to be even harder to
figure out.
I don't think it is as simple as you write above, and I agree with
Russ's thoughts on the situation.
--Sam
manner.
* Use generative AI to suggest names of projects, help improve
descriptions, summarize content, etc.
* See if generative AI could help producing a message with a desired
tone.
--Sam
ho know the BTS code).
At least people could be warned that because of the domain they send
from their mail might not get through.
--Sam
> "Daniel" == Daniel Gröber writes:
Daniel> Hi,
Daniel> On Fri, Dec 29, 2023 at 08:48:28AM -0800, Antonio Russo wrote:
>> [...] my personal experience is that making contributions is like
>> dropping a message in a bottle into the sea. It feels like a
>> complete crap-sho
bian.org/security-tracker-team/security-tracker/
--Sam
I tend to generally agree with Russ.
But I wonder if there are things we could do on a technical front
Are there things we could do to remove barriers and get to a point where
we can make salsa a valid contribution channel?
Things like
* Add a way to mirror issues from salsa to github for peopl
I have a proposal.
In writing the below, I realized that we may have reached the point of
diminishing returns, and perhaps we should be done with this discussion.
CONSENSUS IS NOT A REQUIREMENT HERE.
In general, if someone wants to maintain something in Debian, and the
ftp team does not object, a
> "Roberto" == Roberto C Sánchez writes:
Roberto> sources." I mean, if you're going to wave the code of
Roberto> conduct around (or Andy in the case of the initial report),
Roberto> then perhaps we ought to distinguish between what the code
Roberto> of conduct was very clearly
libc6 version as low as GLibC
2.32.
Try changing your job to run on an older runner image:
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#choosing-github-hosted-runners
For instance, ubuntu-18.04 will build against glibc 2.27.
--
Sam Morris <ht
of detail appropriate for debian-project.
Further discussion of this issue at this time on this list does not
serve the community.
--Sam
signature.asc
Description: PGP signature
concerns of training data.
If I were a European, I'd definitely be very interested in filing a
subject access request to learn what OpenAI knows about me.
--Sam
signature.asc
Description: PGP signature
> "Ansgar" == Ansgar writes:
Ansgar> I would very much prefer explicit sexual content over Nazi
Ansgar> symbols. So let me make a suggestion:
As would I.
If anyone wants to work on the challenges of adult content feel free to
reach out and I'd be happy to spend some of my time on t
lopers who have written defending free speech:
>> we've had others > > who have expressed various reservations with
>> one aspect or other of > > the status quo.
>> > >
>> > > There's been a grudging consensus that this is *hard*.
n> "G" == G Branden Robinson writes:
G> Neither you nor he, therefore, is well placed to present a
G> (presumptively neutral) summary of the discussion. (Neither am
G> I.)
Branden, I'd like to push back on the idea that we want a summary from
someone neutral.
If we have that lu
d fortunes-off are hoping for
when they interact with the corpus?
And questions generally to us as a whole:
* How should we approach creative works when the context is ambiguous?
* Where do we draw the boundary between encouraging thought
about/exploration of uncomfortable ideas and promoting those ideas?
* How do we want to approach things where a reader/user has to infer a
lot of context and some approaches they might take are negative?
Thanks for your consideration,
--Sam
signature.asc
Description: PGP signature
rew> disagrees with what that should be.
Andrew> Notably, Sam Hartman and Branden Robinson have pointed up
Andrew> flaws with the existing categorisations and with a blanket
Andrew> removal based on preference. It's also noticeable that this
Andrew> largely comes d
age, not discourage.
As you pointed out, and I agree, if someone does want to put in the
effort, that's easy to solve.
Thanks for making Debian better,
--Sam
n the package without filtering if you believe that's best;
take the position of being a maintainer and force those who disagree
with you to fight the uphill battle of overriding a maintainer.
* State your support to be counted in any determination of consensus and
leave it at that.
B
> "Steve" == Steve Langasek writes:
Steve> This isn't Sodom and Gomorrah; the package shouldn't be
Steve> spared from death because you found 5 good fortunes in it.
Steve> This package is a fossilized collection of fortunes that some
Steve> random people on Usenet found funny
> "Andrew" == Andrew M A Cater writes:
Andrew> I'm not going to die in a ditch over this but I raised it as
Andrew> a genuine query to the project in good faith and without any
Andrew> agenda.
I appreciate that. I hope my message was received in the spirit of an
answer to the g
position
emerges.
Thanks for your consideration,
–Sam
signature.asc
Description: PGP signature
>>>>> "Niels" == Niels Thykier writes:
Niels> Indeed - I noted that. :) My answer to Sam's email was due
Niels> how it went into details with why Sam saw the RT as a good
Niels> candidate team for this role and I wanted to present a
Niel
early by stakeholders, but if those
projects took the time to deal with concerns raised at the appropriate
points, the bar for later concerns would be raised significantly.
And yes, we might well discover we were unable to make decisions on some
projects--possibly including things like usrmerge.
I think even that would be a significant improvement.
--Sam
> "Chuck" == Chuck Zmudzinski writes:
Chuck> Debian processes: AFAIK there is no process for a user to
Chuck> resort to when an important bug has been ignored for over a
Chuck> year except to make some noise on mailing lists like
Chuck> debian-user and debian-project. What wou
erested in understanding the problems/challenges
you/they are facing.
I'd like to see if there is anything I can do to help out.
Sam Hartman
Debian Developer
signature.asc
Description: PGP signature
> "Felix" == Felix Lechner writes:
Felix> Dear Mr. Leader, Congratulations on your re-election as
Felix> Project Leader. I wish you the best for your third term.
Felix> Please accept herewith my resignation as your trademark
Felix> delegate, effective immediately.
Felix, tha
terested--perhaps even
augmented by a few who still have some concerns-- to make
recommendations to the DPL on a group of individuals who could
adequately study these issue?
I want to make sure we pursue this at the right level and with all
appropriate deliberation.
I'm sorry, I just couldn't resist.
I am also considering your message in a more serious manner, but I
don't have any quick thoughts there.
--Sam
. And I understand why it is that you (quite reasonably
given the information made available to project members) believe that
has happened.
As a project,a let's agree we're not going to do that, and let's figure
out how to build sufficient trust that we can believe in that agreement.
--Sam
> "Gerardo" == Gerardo Ballabio writes:
Gerardo> Debian is a community that strives to be open, fair and
Gerardo> inclusive. That means that we have made a commitment to
Gerardo> welcome everybody and not exclude anyone without good
Gerardo> reasons.
I agree that Debian has c
>>>>> "Russ" == Russ Allbery writes:
Russ> Sam Hartman writes:
Russ> I dunno, I realize I may be being too cavalier here, but see
Russ> the point above about making more decisions, faster, and
Russ> accepting a few mistakes. If we end up wi
are doing things.
I personally think that we need a clear explanation so that the project
can come to an informed opinion and express that opinion through
discussions, through DPL elections, and through GRs.
--Sam
ase to someone, or even to communicate all the
potentially public evidence. It could include a description of the
triggering event in most cases.
A message might look something like:
Hi Sam,
We are writing to you because we're concerned about your message to blah
with messa
at least for the parts where I wanted to get
thumbs up/down to various statements.
I too think that such informal mechanisms would be valuable.
--Sam
> "Paul" == Paul Wise writes:
Paul> On Wed, Sep 29, 2021 at 8:25 AM Bastian Blank wrote:
>> All Python source is compiled into bytecode during installation.
Paul> Scripts in the bin/ directories are not compiled into
Paul> bytecode, and there are a number of packages that do
> "Manoj" == Manoj Singh writes:
Manoj> Hi Team, For FIPS(federal information processing standards),
Manoj> required all python code in bytecode format(.pyc) instead of
Manoj> plain source .py.
NIST publishes a lot of FIPS documents.
Can you please point to the specific version o
> "Timo" == Timo Röhling writes:
Timo> * Stéphane Glondu [2021-04-16 17:12]:
>> I would be glad to help :-)
Timo> Great!
>>> With all that being said and having made my case, I am open for
>>> any reasonably secure solution (including Belenios) that we can
>>> agree
> "Steve" == Steve Langasek writes:
Steve, I'm writing to confirm understanding of our disagreement and to
acknowledge the point you made and explain why it is not persuasive to
me. I'm not trying to convince you to change your mind, simply letting
you know I've considered what you have to s
> "Timo" == Timo Röhling writes:
Timo> * Pierre-Elliott Bécue [2021-04-13 11:19]:
>> I would rather not reserve any DEP for this right now. We
>> actually don't really know if any space for DEP text regarding
>> secret voting will be left out. The voting procedure is
>> h
e is that if you're acting as a
fascist , you won't be welcome here.
I'd prefer to make that determination based on actions rather than
affiliations.
--Sam
signature.asc
Description: PGP signature
nth or so when things are calmed down, someone is interested
in that post, ping me and I'll send it.
If no one is interested I never need to dig it up.
--Sam
t very
happy with.
I'd love to see good NVC training at DebConf.
Or training in any other empathy framework or similar.
One complaint i've heard is that the training is expensive.
In our current climate, "um whatever," is my response.
I think that any training that helps us work together would be worth its
weight in modern servers.
--Sam
ing mess. I don't know
how to help people find empathy and listen to each other."
And yeah, for me, I actually felt tension release saying that in a
strong manner like that.
And yes, it's impolite, and yes, doing it often is problematic.
But once in a while lets us remember that we're all human.
--Sam
> "Thomas" == Thomas Goirand writes:
Thomas> The point is: is there some restrictions on political views
Thomas> that the Debian community/project would like to enforce?
Yes, I think this is a topic worth discussing.
There has been a motion in the free software community to focus m
I wasn't thrilled with Steve's message; I sent him what I hope are some
constructive comments privately.
Bringing up nazis is rarely going to calm things down or promote
constructive discussion.
And yes, he did that.
But Adrian! You really doubled down on the tension.
I appreciate that you are
> "Dominik" == Dominik George writes:
Dominik> With all due respect to everyone who has been offended by
Dominik> Richard Stallman, feels oppressed by him, or is negatively
Dominik> affected by his views — every single such person has to be
Dominik> heard, their fears and sorr
> "Mark" == Mark Pearson writes:
Mark> It's just a case of needing the libfprint and fprintd packages
Mark> installed and then under settings->user you can start
Mark> registering your prints.
Right, and the desktop maintainers could choose to make their desktop
meta packages dep
these packages installed by default on a server for
example.
For an environment that is trying to compete with Mac or say ChromeOS, it seems
fairly clear we would want that feature.
The parts of Debian that are trying to do that are some of the desktop
environments.
So, I'd approach the mainta
> "Bastian" == Bastian Blank writes:
Bastian> Hi Steve
Bastian> On Sun, Nov 29, 2020 at 03:53:24PM +, Steve McIntyre wrote:
>> Have people been pushing the other way - to remove the suffix?
>> Just curious.
Bastian> That was me. It's because of the maintenance overhe
say it's something I care about for human factors rather
than for exact guarantees.
So, even though I wish I wasn't saying this, please keep -team.
--Sam
I think it is really important that we find a way to accept funding like
this. I'm fine if we as a community have concerns about the specifics.
But free software isn't supposed to mean developers don't get paid, or
the software doesn't get funded (or even the software itself isn't
expensive altho
orporations who allow
their employees to spend significant tim on Debian. But I also value
spending effort making other options possible.
--Sam
I've been thinking about your question about alternate names for the
debian.net team.
Everything I come up with would be confusing with regard to DSA--like
the Debian services team.
Perhaps something like Services Facilitators.
Or just go with debian.net team and be clear in the description what
> "Lucas" == Lucas Nussbaum writes:
Lucas> I think that this proposal combines two quite different
Lucas> aspects, and that it might be better to keep them separate.
Lucas> 1. Maintaining contacts with infrastructure providers that
Lucas> are willing to help Debian. That's of
> "Paul" == Paul Wise writes:
Paul> On Wed, Aug 12, 2020 at 3:27 PM Pierre-Elliott Bécue wrote:
>> I'd rather try to solve the issue in a more sensible way : lower
>> the number of expected GPG signatures to 0 temporarily, and ask
>> for two or three advocacies from DDs.
on the long term. I wish that I had found more constructive
ways of asking Olek for reassurance that he wasn't trying to block
short-term progress.
I think that based on an off-list discussion with Olek and thinking
about the situation I've found better mechanisms to do that in the
future.
--Sam
signature.asc
Description: PGP signature
Enrico, I find that the sorts of discussions that you've started are
more valuable if someone goes back later and tries to summarize what
we've learned.
So I'm going to take a stab at that.
I don't think we were seeking a consensus, and we didn't find one. What
we did find is a number of appro
>>>>> "Holger" == Holger Levsen writes:
Holger> Sam, you accused Olek of derailing the situation, which
Holger> (AFAICS) he disagrees with, and now you are "offering" to
Holger> solve this problem by Olek investing more time to solve a
>>>>> "Olek" == Olek Wojnar writes:
Olek>Sam, I do not appreciate your aspersions and I think your
Hi.
It sounds like you are hearing me as disagreeing with *you* and not with
some combination of your ideas and how they are presented.
I'd like to off
> "Olek" == Olek Wojnar writes:
> TL;DR: While there may be improvements to be found in a
> completely different approach to identity, let us not let the
> scope of the discussion broaden that far, so we can make
> progress today.
Olek>I respectful disagree on this point. This
TL;DR: While there may be improvements to be found in a completely
different approach to identity, let us not let the scope of the
discussion broaden that far, so we can make progress today.
> "Olek" == Olek Wojnar writes:
Olek> TL;DR: I think without some link back to real world
Jonas> as well.
I'm sorry.
I was aware I was doing this and suspected that you might not agree with
the original criteria. I failed to make that clear in my message.
I wasn't sure where to jump in and apparently chose poorly.
Thanks for calling me on this.
--Sam
icant positive reputation
and
2) That it would be costly for them to burn that reputation to maount
an attack.
In this model the advantage of trying to tie a key back to a real-world
identity is that we only get one of those.
No matter how much good work I do in the future, I cannot escape a
betr
Hi.
While DPL, I established a relationship with a GDPR lawyer to help the
data protection team and myself with some questions.
They forwarded along the following information about a new guide for
GDPR implications for developers.
The data protection team members were also copied.
--
>>>>> "Michael" == Michael Lustfield writes:
Michael> On Tue, 26 May 2020 08:13:24 -0400
Michael> Sam Hartman wrote:
>> Unfortunately, being a member of Debian, I find myself getting
>> stuck in the details and think yo
Hi.
I've reviewed most of the spec you point to on salsa.
I think you might be getting some of the details before the basic
principles.
I agree with the principles you state, but would probably state them
differently:
* Incremental review is valuable and is likely to improve our processes
* M
In my last bits mail I talked about two sets of messages from Russ. The
first talks about the importance of actually leaving room for
disagreement.
THe second talks about hostility in handling new proposals.
Here are pointers.
Russ's Debian vote messages were:
[9]: https://lists.debian.org/
>>>>> "Scott" == Scott Kitterman writes:
Scott> Sam,
Scott> I think you've missed the mark here, except perhaps the why
Scott> another service section at the end.
Scott> Personally I'm in the "I think it's unsuitable for
Absolutely, the DPL, or DAM, or others may forward to the CT.
That would count as it being directed their way.
TL;DR: As Tina points out, this delegation does not accomplish
everything. It is an incremental step forward, one of many we've taken
this last year. Tina brings up a number of points where there might be
value in revising text if we get the support to do so. I welcome such
proposals for improv
> "Ihor" == Ihor Antonov writes:
Ihor> I want to leave this as is without final verdict. Everyone
Ihor> should make their own.
I really appreciate the idea of summarizing the thread; I agree with you
it has gotten long.
A good summary is one where people on all sides of the issue
being forced to go to the site to meet some metric is
off-pissing.
I'm not saying this needs to be addressed prior to experimenting.
I'm saying that as an individual I want to see an improvement here prior
to depending on this for any important project decisions.
--Sam
something
else could get together and give it a try?
--Sam
>>>>> "Peter" == Peter Palfrader writes:
Peter> On Mon, 13 Apr 2020, Sam Hartman wrote:
>> >>>>> "Luca" == Luca Filipozzi writes:
>>
Luca> This is why having a central approach to account creation,
Luca>
AS I understand it the only open issue preventing a delegation is the
following; we need to find wording that makes it clear you can write to
parties other than the CT.
> >> * To respond to concerns raised by members of the project or
> >> people interacting with them, working with indi
> "Luca" == Luca Filipozzi writes:
Luca> This is why having a central approach to account creation,
Luca> rather than distributed, is worth considering. I'm in favour
Luca> of usernames not changing because one's role changes but that
Luca> does not mean I'm favour of divergen
Debian's sso architecture
over the years.
Independently of Enrico's proposal, and unremarked by everyone who is in
this discussion, debian.social has adopted the same strategy.
Even if nm.debian.org, contributors.debian.org and sso.debian.org were
not going to use salsa, we'd alrea
the advantages of having
usernames not change is sufficient that the project is unwilling to try
to override the salsa maintainers.
--Sam
signature.asc
Description: PGP signature
>>>>> "Russ" == Russ Allbery writes:
Russ> Luca Filipozzi writes:
>> On Fri, Apr 10, 2020 at 11:48:22AM -0400, Sam Hartman wrote:
>>> * Note that if you want to you can host accounts in gitlab and
>>> have keycloak act as an
ou decide you
like Gitlab as an IDP but find you need Keycloak's transformations,
you can have people login to Keycloak using their Gitlab accounts.
* We did not discuss security. Neither of us had audited either
product.
--Sam
TL;DR: The concern Scott raises is a good one, and I think he caught me
out on a wording problem in the delegation text.
> "Scott" == Scott Kitterman writes:
Scott> Constitution 5.1.4 give the DPL the power to "Make any
Scott> decision for whom noone else has responsibility." Some
> "Luca" == Luca Filipozzi writes:
[All my statements in this thread have been as an individual, not as
DPL. I've offered to help Enrico facilitate consensus calling in this
discussion, and if he takes me up on that, such facilitation might not
entirely be separable from the DPL role when do
Sigh.
I propose delegating the following developers as members of the
Community Team.:
> - Pierre-Elliott Bécue (peb)
> - Luke Faraone (lfaraone)
> - Steve McIntyre (93sam)
> - Jean-Philippe Mengual (jpmengual)
Sigh.
Steve pointed out that I left off a name in review comments and I missed
I'm pleased to finally be able to propose a Community Team delegation
for discussion. During the last year it has become clear that we can
accomplish more at lower emotional cost when we have the Community Team,
Account Managers and DPL working together, supporting each other. It's
become clear
assuming that the mechanisms for determining easily if someone
are a dd are adequate, I think there is a rough consensus in this
discussion that keeping the same username as your role changes is
desirable.
--Sam
> "Enrico" == Enrico Zini writes:
Enrico> I agree that with the current proposal, the use case of
Enrico> "grant a person permission based on their status, which is
Enrico> somehow revoked or blocked if the status goes away" becomes
Enrico> something we might not be able to d
> "Enrico" == Enrico Zini writes:
Enrico> On Wed, Apr 08, 2020 at 08:45:32PM +0800, Shengjing Zhu wrote:
>> Sigh, but it makes sense too. Will nm.d.o have a field which
>> reflects the username on salsa?
Enrico> It finally will, yes! \o/
Enrico> It's been quite painful n
achines.
I think we all cringe thinking about that.
--Sam
signature.asc
Description: PGP signature
> "Xavier" == Xavier writes:
Xavier> Le 07/04/2020 à 17:20, Paul Wise a écrit :
>> On Mon, Apr 6, 2020 at 3:58 PM Bastian Blank wrote:
>>
>>> ## Highlevel plan
>>
>> I'd like to learn a bit about what the effects for Debian account
>> holders and service admins
t the status quo is wrong:
* we are heaping abuse on our leaders
* Sometimes it is not clear that our teams our meeting the needs of the
project
I hope we choose to solve both of these together.
--Sam
to wrap that up and make a project-wide decision.
Individual delegates could potentially ignore the DPL. As an example
I'm going to write to owner@bts and ask them to exclude the person in
question.
They could say "No, Sam we think you're being unreasonable."
And then we'
‐‐‐ Original Message ‐‐‐
On Wednesday, March 4, 2020 12:35 AM, Sam Hartman wrote:
> > > > > > "Sam" == Sam Hartman hartmans.debian@protonmail.com writes:
>
> Sam> I hereby appoint everybody who was harassed by the
>
> Sam> Anti-Hara
>>>>> "Sam" == Sam Hartman writes:
Sam>I hereby appoint everybody who was harassed by the
Sam> Anti-Harassment team to be the new Anti-Anti-Harassment team
For the avoidance of doubt, the mail I am replying to was forged and was
not sent by me.
I hereby appoint everybody who was harassed by the Anti-Harassment team to be
the new Anti-Anti-Harassment team
If the Anti-Harassment team backstabs you, the Anti-Anti-Harassment team is on
your side.
Now everybody will feel safe somewhere in Debian but maybe not everywhere at
once
Sent with
that.
--Sam
I've just returned from vacation and taken a couple of hours to catch up
on mail I missed.
It was nice to be entirely without email for a week.
During that week, there was a discussion on debian-private about how to
handle abuse and harassing email both on debian-project and in general.
The immed
[This will be my last message on this thread.
I go away on vacation tomorrow.]
> "Didier" == Didier 'OdyX' Raboud writes:
Didier> The crux of my strong disagreement is here: as DPL, you just
Didier> _framed_ the Montreal miniDebConf as a protest.
This is a case where perception is
> "Didier" == Didier 'OdyX' Raboud writes:
still saying "one way is to withdraw your budget
Didier> request (…); if that is not your choice, I _ask_ you to find
Didier> some other way". So what happens if they put your request to
Didier> /dev/null, if you're not withdrawing the D
supports the DC20 Team
=
I want to take this opportunity to express strong support for the
volunteers putting on DebConf 20. Your contributions to the Debian
community are greatly appreciated.
Thanks for your understanding and hard work.
Thanks for your Consideration,
Sam Hartman
Debian Project Leader
signature.asc
Description: PGP signature
> "Jerome" == Jerome Charaoui writes:
Jerome> Following the announcement of the DebConf20 location, our
Jerome> desire to participate became incompatible with our
Jerome> commitment toward the Boycott, Divestment and Sanctions
Jerome> (BDS) campaign launched by Palestinian civ
1 - 100 of 295 matches
Mail list logo