On Thu, 22 Mar 2007 08:47:12 +0100, Raphael Hertzog <[EMAIL PROTECTED]> said:
> On Wed, 21 Mar 2007, Manoj Srivastava wrote:
>> The argument, if I can follow the htread, is about people who
>> review every line of code, like myself, for all new upstream, and
>> anything we sponsor, and whether su
On Wed, 21 Mar 2007, Manoj Srivastava wrote:
> The argument, if I can follow the htread, is about people who
> review every line of code, like myself, for all new upstream, and
> anything we sponsor, and whether such activity is desirable and
> productive.
Manoj, nobody will ever forbid
On Wed, 21 Mar 2007 18:12:39 -0700, Don Armstrong <[EMAIL PROTECTED]> said:
> On Wed, 21 Mar 2007, Manoj Srivastava wrote:
>> Buffer overflows are _still_ being exploited, decades after it is
>> known that unchecked user input fed to memory allocated on the
>> stack. And it does not take a rocket
On Wed, 21 Mar 2007, Manoj Srivastava wrote:
> Buffer overflows are _still_ being exploited, decades after it is
> known that unchecked user input fed to memory allocated on the
> stack. And it does not take a rocket scientist to spot a buffer
> overflow.
Some buffer overflows are easy to spot, bu
On Wed, 21 Mar 2007 12:28:22 -0700, Don Armstrong <[EMAIL PROTECTED]> said:
> On Wed, 21 Mar 2007, Manoj Srivastava wrote:
>> The implication, unless I am misreading things here, is that code
>> reviews and inspection of upstream changes are ineffectual. Given
>> that reviewing code for security
On Wed, 21 Mar 2007, Manoj Srivastava wrote:
> The implication, unless I am misreading things here, is that code
> reviews and inspection of upstream changes are ineffectual. Given
> that reviewing code for security is a labour intensive process, the
> inference is that it is not worth doing proact
On Thu, 15 Mar 2007 14:32:24 -0400, Joey Hess <[EMAIL PROTECTED]> said:
> Yes, and there are various ways to accomplish this, not merely
> one. For example, some DDs decide they can trust an upstream, and do
> not review every line of code in a new upstream release, while
> others do not.
> You
On Thu, Mar 15, 2007 at 08:32:03PM -0400, Roberto C. Sanchez wrote:
> On Thu, Mar 15, 2007 at 07:58:03PM -0400, Michael Olson wrote:
> >
> > I am one such person who wishes to be able to upload Debian packages
> > for software that I maintain without becoming a DD. The main reason
> > for not wan
Erinn Clark wrote:
> - Stratification
>
> As a subset of the power structure thing, one of the other issues I
> foresee is a "some developers are more equal than others" thing
> happening. I'm having a hard time thinking of how to explain this,
> because it's a bit "télétubby", as Joss wou
Hi,
On Sun, 18 Mar 2007, Erinn Clark wrote:
> > The problem is to allow more small-scale contributors. We have volunteers
> > who would like to maintain only few specific packages and who don't want
> > to go the burden to go through NM to be able to do that job. The skills
> > required to maintai
* Raphael Hertzog <[EMAIL PROTECTED]> [2007:03:18 12:36 +0100]:
> On Sun, 18 Mar 2007, Erinn Clark wrote:
> > - It's not obvious what problems it's meant to be solving
> >
> > Is it meant to be a stepping stone for NM? Prevent sponsor(ee) burnout
> > and boredom? Is it meant to replace NM e
On Sunday 18 March 2007, Erinn Clark wrote:
> - Stratification
>
> As a subset of the power structure thing, one of the other issues I
> foresee is a "some developers are more equal than others" thing
> happening. I'm having a hard time thinking of how to explain this,
> because it's a bit
On Sun, 18 Mar 2007, Erinn Clark wrote:
> * Anthony Towns [2007:03:15 04:22 +1000]:
> > If people don't do a good job as a "maintainer" they should have their
> > priveleges removed fairly promptly; and if a developers recommends
> > people to be listed as maintainers who turn out to be a problem
* Anthony Towns [2007:03:15 04:22 +1000]:
> If people don't do a good job as a "maintainer" they should have their
> priveleges removed fairly promptly; and if a developers recommends
> people to be listed as maintainers who turn out to be a problem, or if a
> developer just doesn't stay around t
* Simon Huggins <[EMAIL PROTECTED]>, [2007-03-16 18:05 +]:
> I've worked with Yves-Alexis on xfce packaging and sponsored some of his
> work into the project or uploaded work that was from the team with large
> contributions from him. I can't fault his work or dedication and when
> I've po
On Fri, 16 Mar 2007 16:47:24 -0600, Gunnar Wolf wrote:
> I don't have numbers to prove anything here, but I'm sure any pkg-perl
> [1] member will join me recommending Niko Tyni [2].
As a (non-DD) member of the Debian Perl Group I whole-heartedly
second this proposal; Niko is doing a great job in
Anthony Towns dijo [Sat, Mar 17, 2007 at 12:58:40AM +1000]:
> (...)
> That sounds like a recommendation...
>
> From what I can see [0], in the past six months you've sponsored about
> 83 uploads for (afaict):
I don't have numbers to prove anything here, but I'm sure any pkg-perl
[1] member will j
On 3/16/07, Simon Huggins <[EMAIL PROTECTED]> wrote:
On Fri, Mar 16, 2007 at 04:26:15PM +0100, Pierre Habouzit wrote:
> Well, I'm still not sure wether DM is a good thing or not in fact. But
> I'd say it has te be experimented yes. If we are going that road, Then
> I've two people to recommend
Michael Olson <[EMAIL PROTECTED]> writes:
> My current sponsor has recently stopped working on Debian development
> (to the best of my knowledge), and this proposal would enable me to
> keep my packages up-to-date. [snip]
A quick correction: in fact he hasn't completely stopped Debian
developme
On Fri, Mar 16, 2007 at 04:26:15PM +0100, Pierre Habouzit wrote:
> Well, I'm still not sure wether DM is a good thing or not in fact. But
> I'd say it has te be experimented yes. If we are going that road, Then
> I've two people to recommend for this: Fathi and Yves-Alexis Perez that
> is our one
Attached is my ${keyid}.changes for fathi boudra, proposed for
inclusion in the DM jetring.
It is debsigned with my own gpg.key, just tell me if it needs any kind
of tweaks in the fields syntax.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Changed-By: Pierre Habouzit <[EMAIL PROTECTED]>
Com
On Sat, Mar 17, 2007 at 12:58:40AM +1000, Anthony Towns wrote:
>
> I guess Fathi's worked closely with Daniel Glassey (clucene-core), Gustavo
> Franco (desktop-base) and Mark Purcell (KDE extras) so some of them
> might have nice things to say about him that might be worth including.
> If any of t
On Sat, Mar 17, 2007 at 12:58:40AM +1000, Anthony Towns wrote:
> On Thu, Mar 15, 2007 at 02:47:22PM +0100, Pierre Habouzit wrote:
> > Well at first it is. One of my main sponsoree is Fathi[0]. I sponsor
> > him for quite a long time now, I'd say a year at least. The beginning of
> > our relations
On Thu, Mar 15, 2007 at 02:47:22PM +0100, Pierre Habouzit wrote:
> Well at first it is. One of my main sponsoree is Fathi[0]. I sponsor
> him for quite a long time now, I'd say a year at least. The beginning of
> our relationship was indeed really a teacher/student one. [...]
> But for now som
Michael Olson <[EMAIL PROTECTED]> wrote:
> Debian Vote 2006-1 -- I don't want to become a part of the group of
> people who were responsible for classifying the GFDL as "non-free".
Not even RMS claims the FDL is a free software licence:
"I am not sure if the GFDL is a free software license, but I
"Roberto C. Sanchez" <[EMAIL PROTECTED]> writes:
> Well, what part of "you can't change this" is actually Free? The
> outcome was that if something uses the GFDL without invariant sections,
> then it is Free (as in DFSG-compliant). If something has invariant
> sections, then it (at least that pa
cobaco (aka Bart Cornelis) <[EMAIL PROTECTED]> writes:
> Well me for one:
> I've been actively involved with Debian for years (as a translator since
> march 2003, and as non-DD maintainer of 1 simple package since may 2005).
> Despite having been involved for years I still haven't bothered to g
Henrique de Moraes Holschuh dijo [Thu, Mar 15, 2007 at 10:22:32AM -0300]:
> I (and a lot of other people) would like to give everyone that really
> participates in Debian full DD voting privileges. This means translators,
> documentation people, and others that have no business getting anywhere
>
Clint Adams dijo [Wed, Mar 14, 2007 at 11:22:37PM -0400]:
> Really? If this "maintainer" thing goes through, I think it would set a
> horrifying double standard if we don't go ahead and start demoting
> people accordingly.
>
> Why should people be grandfathered just because they've passed through
On Thu, Mar 15, 2007 at 07:58:03PM -0400, Michael Olson wrote:
>
> I am one such person who wishes to be able to upload Debian packages
> for software that I maintain without becoming a DD. The main reason
> for not wanting to become a DD is an adverse reaction to the result of
> Debian Vote 2006
On Thu, Mar 15, 2007 at 01:02:15PM +, MJ Ray wrote:
> Steve Langasek <[EMAIL PROTECTED]> wrote:
> > There are good reasons for having the checks that we do in the NM queue; I
> > don't think there's anything in there that should be cut out, being a full
> > member of Debian does bring with it a
Bastian Venthur <[EMAIL PROTECTED]> writes:
> My first thought: do we really need this new class of contributors? I
> mean how many people do you currently know fitting in this category
> (don't like to become DD just maintainers). I guess there will be some,
> but I think the amount of people sho
Kevin Mark wrote:
> > The question is, is there a way we can minimize the overhead of integrating
> > contributions from folks who aren't (yet) DDs? Given what I see and hear
> > from various sponsors, the review of sponsored uploads is already a joke;
>
On Thursday 15 March 2007, Clint Adams wrote:
> > How about going after "Try hard to improve things, but don't shake the
> > house too much while at it"? There is a "cost" to improving things,
> > and if you have to disturb everyone to do it, then that cost is high.
> > It may not be worth it.
>
On Thu, 15 Mar 2007, Clint Adams wrote:
> > How about going after "Try hard to improve things, but don't shake the house
> > too much while at it"? There is a "cost" to improving things, and if you
> > have to disturb everyone to do it, then that cost is high. It may not be
> > worth it.
>
> Wh
"cobaco (aka Bart Cornelis)" <[EMAIL PROTECTED]> wrote:
> [...] and that's not because I think I can't pass
> it, but simply because I'm not looking forward to starting a long,
> drawn-out process (average time to complete NM is what? 6 months to a
> year?)
According to https://nm.debian.org/ i
On Thu, Mar 15, 2007 at 01:02:15PM +, MJ Ray wrote:
> The sponsors who have enough time to make such silly claims should be
> spending more time checking their sponsorees packages! I wonder if
> some of them are sponsoring because they think NM is needlessly slow,
> rather than because they wa
> How about going after "Try hard to improve things, but don't shake the house
> too much while at it"? There is a "cost" to improving things, and if you
> have to disturb everyone to do it, then that cost is high. It may not be
> worth it.
What? How does that not apply to the very DM proposal
On Wednesday 14 March 2007, Bastian Venthur wrote:
> Anthony Towns schrieb:
> > My theory is that we should do something like this:
> >
> > 1) create a class of contributors called "debian maintainers"
> My first thought: do we really need this new class of contributors? I
> mean how many peo
On Thu, 15 Mar 2007, Clint Adams wrote:
> > Instead, will you please explain what you believe would be the advantages to
> > the *project* that "demoting" many DDs would bring?
>
> Fairness in the power structure. It would also seem honorable to give
How about going after "Try hard to improve th
On Thu, Mar 15, 2007 at 01:02:15PM +, MJ Ray wrote:
> Steve Langasek <[EMAIL PROTECTED]> wrote:
> > There are good reasons for having the checks that we do in the NM queue; I
> > don't think there's anything in there that should be cut out, being a full
> > member of Debian does bring with it a
Steve Langasek <[EMAIL PROTECTED]> wrote:
> There are good reasons for having the checks that we do in the NM queue; I
> don't think there's anything in there that should be cut out, being a full
> member of Debian does bring with it a lot of privilege and responsibility,
> and the process for deci
> Instead, will you please explain what you believe would be the advantages to
> the *project* that "demoting" many DDs would bring?
Fairness in the power structure. It would also seem honorable to give
DMs a partial weighted vote (I believe three-fifths of one vote has
some negative connotations
On Thu, 15 Mar 2007, Anthony Towns wrote:
> On Thu, Mar 15, 2007 at 12:37:38AM +0100, Raphael Hertzog wrote:
> > If the "Debian maintainer" uploads a package changing the
> > Maintainer/Uploaders field to his own name, what happens ?
>
> Nothing in particular. The Maintainer/Uploaders field of the
On jeu, 2007-03-15 at 01:41 -0400, Kevin Mark wrote:
> If person X is a DD and maintaining 2 packages and has never sponsored
> anything, then (I dont like 'demoting' as it is an insult to their
> contribution) they would not notice a change in their status if it
> still allows them to contribute i
On Wed, Mar 14, 2007 at 11:22:37PM -0400, Clint Adams wrote:
> > Assuming that was not just an useless sarcastic post, well, you could try to
> > come up with a technical criteria to do it, and then propose a GR about it
> > (since it is bound to be a very contentious issue).
> >
> > I wouldn't bo
On Wed, Mar 14, 2007 at 07:13:23PM -0700, Steve Langasek wrote:
> The question is, is there a way we can minimize the overhead of integrating
> contributions from folks who aren't (yet) DDs? Given what I see and hear
> from various sponsors, the review of sponsored uploads is already a joke;
On Wed, 14 Mar 2007, Clint Adams wrote:
> Really? If this "maintainer" thing goes through, I think it would set a
Really.
> Why should people be grandfathered just because they've passed through
> NM or equivalent?
For the same reason people were grandfathered when NM was deployed, maybe?
But t
On Wed, Mar 14, 2007 at 07:56:48PM -0700, Steve Langasek wrote:
> On Wed, Mar 14, 2007 at 10:44:59PM -0400, Roberto C. Sanchez wrote:
> > I think the line is rather blurry. If you have someone who just started
> > in NM and is working on his first or second package, then that
> > individual should
> Assuming that was not just an useless sarcastic post, well, you could try to
> come up with a technical criteria to do it, and then propose a GR about it
> (since it is bound to be a very contentious issue).
>
> I wouldn't bother, though. To me that would just waste time, waste a lot of
> effor
On Wed, 14 Mar 2007, Clint Adams wrote:
> Good. I hope this means that we're prepared to demote to "DM" all
> DDs that only maintain one or two packages and all DDs that do a
> poor job of maintaining the packages that they claim to maintain.
Assuming that was not just an useless sarcastic post,
> Um. Quantity != quality. I hope no one is going to grant someone upload
> privileges based solely on the number of times they've prepared package
> revisions.
Good. I hope this means that we're prepared to demote to "DM" all
DDs that only maintain one or two packages and all DDs that do a
poo
On Wed, Mar 14, 2007 at 10:44:59PM -0400, Roberto C. Sanchez wrote:
> On Wed, Mar 14, 2007 at 07:13:23PM -0700, Steve Langasek wrote:
> > The question is, is there a way we can minimize the overhead of integrating
> > contributions from folks who aren't (yet) DDs? Given what I see and hear
> > fr
On Wed, Mar 14, 2007 at 07:13:23PM -0700, Steve Langasek wrote:
>
> The question is, is there a way we can minimize the overhead of integrating
> contributions from folks who aren't (yet) DDs? Given what I see and hear
> from various sponsors, the review of sponsored uploads is already a joke;
>
On Wed, Mar 14, 2007 at 08:50:06PM +0100, Bastian Venthur wrote:
> Anthony Towns schrieb:
> > My theory is that we should do something like this:
> > 1) create a class of contributors called "debian maintainers"
> My first thought: do we really need this new class of contributors? I
> mean h
On Wed, Mar 14, 2007 at 08:50:06PM +0100, Bastian Venthur wrote:
> My first thought: do we really need this new class of contributors? I
> mean how many people do you currently know fitting in this category
> (don't like to become DD just maintainers).
It's not "don't want to be a DD", it's "aren
On Thu, Mar 15, 2007 at 12:37:38AM +0100, Raphael Hertzog wrote:
> If the "Debian maintainer" uploads a package changing the
> Maintainer/Uploaders field to his own name, what happens ?
Nothing in particular. The Maintainer/Uploaders field of the existing
source package in the target suite are wha
On Wednesday 14 March 2007 19:22, Anthony Towns wrote:
-- snip --
> My theory is that we should do something like this:
>
> 1) create a class of contributors called "debian maintainers"
>
> 2) have a group of people authorised to maintain the keyring for
> those people, using je
Hi,
On Thu, 15 Mar 2007, Anthony Towns wrote:
> Over the past few weeks, after Joey Hess created the jetring keyring
> management tool from whole cloth [0], I've been poking at changing dak
> to support a "maintainers" keyring [1] so that we can make it possible for
> people who want to work on ju
On Wed, 14 Mar 2007, Bastian Venthur wrote:
> My first thought: do we really need this new class of contributors? I
Yes.
> mean how many people do you currently know fitting in this category
> (don't like to become DD just maintainers).
I know 2-3 of them already. And because we make it possible
On mer, 2007-03-14 at 20:50 +0100, Bastian Venthur wrote:
> My first thought: do we really need this new class of contributors? I
> mean how many people do you currently know fitting in this category
> (don't like to become DD just maintainers). I guess there will be
> some,
> but I think the amoun
Anthony Towns schrieb:
> My theory is that we should do something like this:
>
> 1) create a class of contributors called "debian maintainers"
Just a few thoughts. Please note that I'm still undecided whether I like
your idea or not.
My first thought: do we really need this new class of con
Hey all,
Over the past few weeks, after Joey Hess created the jetring keyring
management tool from whole cloth [0], I've been poking at changing dak
to support a "maintainers" keyring [1] so that we can make it possible for
people who want to work on just one or two packages able to do exactly
tha
63 matches
Mail list logo