Re: Doom of Debian Re: Debian Weekly News - February 18th, 2003
Sean Hunter wrote:
On Tue, Feb 18, 2003 at 11:02:36PM +0100, Davide Inglima wrote:
Martin Schulze wrote:
While Anthony's proposal of "Reviewing all upstream changes" makes sense on
a security standpoint, it will put the necessary strain to Debian to
self-destruct the distribution.
Right. There are some who believe that the strength of open source lies
in ubiquitous peer review. Debian (and open source software in general)
can _only_ benefit from more review, and upstream authors might actually
pull their socks up and improve their code if they knew other's would
read the diffs.
There already are problems to port 6000+
packages on (how many? 7? 11?) different architectures, this harmful easter
egg could be the drop that tops off the distribution. I have already begun
to see growing disaffection to GNU/Linux by former enthusiast people, and
this can simply spell the final doom on the credibility of open-source.
This is utter nonsense. The point of Debian is not to have gazillions
of k3wl packages. The point is to have software that works well.
Ok, that's a good point, but at the moment Debian boasts something like:
"Debian GNU/Linux provides more than a pure OS: it comes with more than 8710
packages, precompiled software bundled up in a nice format for easy installation
on your machine."
This is on w.d.o main page... and if I go to the installation manual
I can see something like 11 architectures supported by the current distribution.
If I open aptitude or dselect or browse the list of packages, I can see
gazillions of k3wl packages which are old and many times don't work well, or
come without documentation, for gazillions of architectures
In other words Open source gains credibility from quality. Quality comes
from rigourous peer evaluation. This is a key difference with closed
source and is one of the unique selling points of open source. People
review the code.
I personally don't give a shit whether micq is in Debian. I do care
about the fact that maintainers are simply accepting patches into
packages I do use without reviewing them. That lowers quality and leads
to lack of credibility.
And nobody was contesting that.
I was only trying to state that:
1) Debian is already a huge project, maybe really bigger than the needed, with
many packages with pending bugs from 200+ days, and many other packages
that don't fit the (complex) debian policy
2) becoming a Debian mantainer is already a complex and time-consuming process:
if you put on top of all the complexities of mantaining a single packages the
right NEED of peer-reviewing _every_ _single_ _line_ of diff that comes
from upstream from version to version of any single software package, then,
you add other strain to an already burdened distribution.
3) either  Debian has the guts to cut the number of packages that it ships,
or the Debian mantainers become part of the upstream package devteam for
any single package they mantain, or, simply put, the distribution will be
 This is all IMO and in my flacky ability of reading in the crystal sphere.
"The question of whether computers can think is like the"
"question of whether submarines can swim." -- Edsgar Dijkstra