[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Development standards for unstable

Thomas Viehmann <tv@beamnet.de> writes:
> Russ Allbery wrote:

>> The thing is... most of the orphaned packages are in fairly good shape.

> How do you know?

Well, because at one point I went through the PTS for each one of them,
checked for filed bugs, checked lintian reports, etc.  I haven't
specifically *used* each of them, but I think the choices are no one is
using them (popcon seems to say no), no one is reporting problems
(possible, but statistically I'd expect someone to notice), or they're in
fairly good shape.

> I think that not shipping unmaintained and unsupported packages is a
> benefit. Packages need a maintainer to enter, I think they should need
> one to stay.

Orphaned packages *are* maintained and supported by the QA group to a
degree.  They're not as closely maintained as the ideal regularly
maintained package is, and it takes a while to fix problems, but there are
people who look at the bugs and deal with major issues.

My point is that this is actually *better* than a depressing number of the
packages that have regular maintainers.

A while back, when that global ranking of packages based on various
criteria such as last maintainer upload, number of bugs, number of RC
bugs, number of lintian errors, and so forth was posted, there were no
orphaned packages in the top 150 problem packages.  Admittedly, that's
partly because number of NMUs since a maintainer upload was one of the
criteria and QA-maintained packages don't have that, but still.  That's
fairly impressive.

> Look at dcl as a random example. I think that not having a maintainer is
> quite a burden when security bugs such as the one fixed shortly before
> sarge release occur after release and this is when the upstream seems up
> to speed and people (here Joey Hess) in Debian track security reports
> globally, otherwise, security bugs might even go unnoticed.

I grant that security is one case where not having someone closely
monitoring the package can be a serious problem.

> Also, I'm not sure how much the important bug impedes the functioning of
> the package, IMHO it would be rather bad if new installation was
> impossible with postgresql without documenting it beforehand.  Using
> dbconfig-common probably would also be on a maintainer's todo list.  So
> really, while the QA maintenance is certainly fine ATM, the package
> probably isn't as well supported as we would expect from a designated
> maintainer.

That I would agree with, certainly.  It's definitely better for the
packages to be adopted, and one would expect better maintanence from a
regular maintainer.  I just don't think that mass-removing orphaned
packages just becaues they're orphaned is a good way of improving the
general quality of Debian.

Now I should go off and mentor some adoptions of orphaned packages.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: