Re: Sponsoring questions; are sponsored NMU's allowed?
Steve Langasek <email@example.com> writes:
> On Sat, Jun 05, 2004 at 06:41:02PM +0200, Jeroen van Wolffelaar wrote:
>> A last question: what about sponsored NMU's? I've had at least one NMU
>> ready to be sponsored & uploaded, plus pondered to do it multiple times,
>> often invited by DD's. Is it allowed as a non-DD to do NMU's? Or are
>> NMU's really a DD-only privilege?
> The comments about sponsored NMUs were actually mine. I don't believe
> there's any valid reason for sponsored NMUs; the responsibility of the
> NMU preparer is such that there should be exactly 0 difference between
> the actions taken by a DD uploading his own NMU and a DD uploading an
> NMU at the prompting of a non-DD, so there's no sense in referring to
> this as a sponsored NMU unless the DD is doing something wrong. (E.g.,
> all patches that are part of an NMU should be in the BTS before the NMU
> is done, so the DD can easily grab them from there without having a
> non-DD prepare a source package that includes them.)
The difference is that the Changed by field will read the name of the
sponsoree instead of the DD sponsoring. Questions, blame, followup
should idealy be handled by the sponsoree while the DD only has to
make sure that that happens.
And if it turns out that the last X uploads have all been done by the
same non DD they can more easily adopt a package than if every upload
has a different DD on it.
Give credit where credit is due. If someone wrote patches, looked the
package over, fixed bugs and invested all his time why not put his
name on it? Security wise it also makes sense to keep seperate records
of who wrote the code and who OKed it for debian.
As you say there should be 0 difference in the work the DD has to
do. The only difference is what name to put on it.
> If this is an issue of NMs wanting to be credited for their involvement,
> either NMs are placing too high of importance on having their name in
> the changelog, or we as a community are placing too little importance on
> the work that our non-DDs are doing in submitting good patches to the
> BTS and following through on getting DDs to look at packages that need
Count the number of patches in the BTS older than 1 month, 3 month, 1
year. Getting DDs to look at packages has always been a problem.
> Are sponsored NMUs allowed? They are allowed in the sense that there's
> nothing in place to prevent them. But I don't see any reason why we
> would want to encourage the practice.
So how would I source NMU for example amiga-fdisk? Or get any m68k
binary-only upload into the archive?
In some cases the DD can't rebuild and test the package and has to
trust the sponsoree. Of course that shouldn't be done casual but if
there is sufficient trust and experience on both side why would that
be a bad thing?