[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Unofficial repositories on 'debian' domains

Ben Hutchings <ben@decadent.org.uk> writes:

> Looking at the front page of http://www.debian-multimedia.org/ today, I
> don't see a clear statement that it is unofficial.

There are a ton of hints, nevertheless. I'd like to think that someone
who's adding sources.list entries to his config will spend a moment or
two and look through the page.

A few hints, I, as a user, would find interesting:

* "The first package to install is debian-multimedia-keyring." (near the

* "If you find some broken dependencies or bugs in these packages, tell
  me and don't report bugs to the BTS.  Upstream bug report should be
  sent to the respective author."


* "© 2002-2011 Christian Marillat"

There's also the donate button, and a design that doesn't resemble
Debian.org's design in any way, and a lot of other small things.

Perhaps a clearer statement could be added, but I believe that when
someone adds a sources.list line, it's safe to assume that anything not
ending with .debian.org might very well not be official.

> If you already know the project well, you should know that our official
> web sites are all under debian.org (though there is still an exception
> to that: debconf.org).  Also, if you look closely, you can infer it from
> the references to 'official packages', and down at the bottom of the
> page there is a note not to use the Debian BTS.

Indeed. But, perhaps its just me, but I'm on the opinion that until
one's familiar enough with Debian, s/he shouldn't go around adding
repositories. Once one had a look at debian.org, and heard about
third-party repositories, it becomes quite obvious when one encounters
an unofficial mirror.

> Perhaps we need some kind of policy for DDs establishing unofficial
> repositories under 'debian' domains.  Nothing too bureaucratic, just a
> standard disclaimer that these are the responsiblity of the developer
> that established the repository.  Maybe also require redirecting bug
> reports, if the repository isn't maintained by or which the blessing of
> the official package maintainer.

I wouldn't go that far. If anything, I'd put it in our docs, that
anything other than .d.o might not be official, and should be used with
caution. (And to consult the official list of mirrors, if one's looking
for a mirror)

The reason being, we can control our docs, and I'd expect our users to
at least glance through it, from time to time. This way, it'd be
documented once, translated into a million languages, and everyone's
happy. We wouldn't need to come up with boring texts to put on apt
repositories resting on .debian.net domains and suchlike.


Reply to: