Re: Transition to gnat-4.6
Stephen Leake wrote:
This means that under the current rules Debian Maintainers cannot
maintain libraries, only applications. Is that limitation deliberate?
I
don't recall seeing it mentioned anywhere.
I wouldn't go so far as to say Debian Maintainers cannot maintain
libraries; only that they require a sponsor for every binary package
name
change, which normally includes soversion changes. With Ada, this
requirement additionally applies to aliversion changes. Maybe the
Debian
Policy for Ada should make that more explicit. I certainly knew about,
and accepted, this limitation all along, and yes, it is deliberate.
I'm
pretty sure the soversion change case was considered when the Debian
Maintainer status was created.
The reasons why I accepted the requirement for me to sponsor every
aliversion and soversion changes were:
- I dit not anticipate the number of DMs and packages to increase this
fast :)
- I was hoping, and am still hoping, for my best Padawans to grow into
full Debian Developers; I have said so explicitly a few times :)
- The uploads DMs made without my sponsoring (i.e. after initial upload
and binary package name changes) have been very helpful in the past
and
have made it possible to increase the number of Ada packages in
Debian
without increasing my workload too much.
Any maintainer can make his package Build-Depend on gnat, or imitate
a
shared library to fake whatever automatic test I can imagine.
I think you are implying that Bad Things Can Happen if this rule is
accepted; can you be more explicit?
For example, how would a malicious DM get malicious code uploaded by
this rule, that they can't do now?
I think the danger that DM status prevents is that a malicious DM
hijack a package that they don't own. There are strict rules for
non-maintainer uploads; DMs simply cannot do NMUs. I think your
proposed
rule would make it much easier for a DM to hijack a package without a
formal NMU, e.g. by renaming one of their binary packages to a package
that already exists.
--
Ludovic Brenta.
Reply to: