[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Work-needing packages report for Jul 11, 2003

On Mon, Jul 21, 2003 at 10:48:41AM -0500, Steve Langasek wrote:
> On Sun, Jul 20, 2003 at 05:43:05PM -0600, Jamin W. Collins wrote:
> > On Sun, Jul 20, 2003 at 10:51:56PM +0100, Matthew Garrett wrote:
> > > Someone who enters Debian is in a position to upload a package
> > > that could backdoor a very large number of machines. Attention to
> > > detail at the DAM stage is *more* important than pretty much any
> > > other decision making process in Debian. If the DAM fucks up even
> > > once, we lose massively.
> > There's that paranoia spectre again.  There is nothing that stops a
> > current DD from doing the exact same thing.  There is also nothing
> > to indicate that the above is DAM's reasoning for the extremely long
> > delays.  If an applicant isn't clearly trustworthy within 60-90 days
> > is another 9 months or more truly going to help?  It would be better
> > (and safer according to your argument) to refuse the application and
> > let them reapply later, or even state that as a reason for having
> > the applicant wait a longer period.  Instead we simply leave the
> > applicant in limbo without any update.
> When the first 60-90 days represent a state of insufficient
> information, it's quite possible that more time would help the DAM to
> make a decision.  I also don't see where anything Matthew said can be
> construed as making it *safer* to reject applicants who aren't known
> to be ready, instead of leaving them in the queue.

If the DAM needs more time to make the determination, fine.  However,
don't you think the applicant deserves the common courtesy of an update
stating that?  It seems that in some cases DAM would rather just let
them rot in the dark.

Matthew's statements show a concern over approving potentially
untrustworthy applicants.  I simply stated that rejection was an
alternative to approval at the end of 60-90 days.  I didn't say it was
*safer* to reject than leave them on the queue, but rather safer to
reject than approve (sorry if that wasn't clear).

> If you really feel that being rejected is preferable, from the
> applicant's POV, over being left in limbo, why have you not withdrawn
> your application?  

There is a significant difference between being rejected and withdrawing
one's application.  I wish to contribute to Debian, and for that
contribution (package maintainence) a DD account is rather necessary
(yes, we've covered the sponsorship option).  To withdraw my application
would indicate that I no longer wish to contribute to Debian in this
manner, which is not the case.

> That seems to be the logical result of your line of argumentation.
> Since you have not withdrawn your application, I would conclude that
> you don't really feel being rejected is the best way to achieve your
> goal of contributing to Debian.

I've presented several options, rejection was but one of them.  Ideally,
the applicants would be given an update within 60-90 days indicating why
they are still holding.

> If you were rejected today with an explanation -- "insufficient
> information to tell if you're trustworthy", "technical skills need
> improving", "not focused on Debian's core challenges", "flames too
> much on debian-devel"[1], or anything else that basically reduces to
> "needs to improve himself as an applicant before being accepted" --
> would you act on this feedback and try again?  

That would entirely depend on whether or not I agreed with the reasoning
provided.  Any rejection notice should be accompanied by suggestions on
how to correct the problem.

> If so, what prevents you from trying to improve yourself as an
> applicant today based on what you know about Debian's deficiencies?
> If not, what difference does it make from Debian's POV whether
> applicants are rejected or allowed to stall?

I am attempting to "improve" myself and Debian at the same time.  I've
found an area of Debian that is quite broken and am attempting to get it
fixed.  I have not stopped filing bug reports on broken packages, 
contributing on the various mailing lists, or maintaining my packages.

> I do understand that faster processing of acceptable applicants would
> be potentially beneficial; but I don't follow how faster rejection of
> unsuitable applicants would make much of a difference.

If an applicant can't be approved after a few months, what is the point
of keeping them on hold any longer?  The negative effect of keep people
on hold for extremely long periods of time, is that a number of new
applicants will be driven away by the apparent extremely long wait
periods (as a number have already stated). 

Jamin W. Collins

Linux is not The Answer. Yes is the answer. Linux is The Question. - Neo

Reply to: