Re: DM and pkg-perl (alternative proposal)

To: Gunnar Wolf <gwolf@gwolf.org>
Cc: debian-perl@lists.debian.org
Subject: Re: DM and pkg-perl (alternative proposal)
From: Frank Lichtenheld <djpig@debian.org>
Date: Sat, 8 Dec 2007 00:30:36 +0100
Message-id: <[🔎] 20071207233036.GW30992@planck.djpig.de>
Mail-followup-to: Gunnar Wolf <gwolf@gwolf.org>, debian-perl@lists.debian.org
In-reply-to: <[🔎] 20071207230137.GJ15345@cajita.gateway.2wire.net>
References: <20071126211549.GB5356@beetle.modsoftsys.com> <20071129072204.GA11871@rispa.it.helsinki.fi> <20071129121104.GC21982@modsoftsys.com> <[🔎] 20071207230137.GJ15345@cajita.gateway.2wire.net>

On Fri, Dec 07, 2007 at 05:01:37PM -0600, Gunnar Wolf wrote:
> When you and I were accepted as DDs, we were accepted on an
> all-or-nothing basis. And still, any person in the situation you are
> describing here would be passing two filters first: They have to have
> commit access to our group (which, I acknowledge, is not too high a
> bar to set - but still, we could change our inner processes), and they
> have to be accepted as DM (which, although by far not as hard as
> becoming DDs, is not an automatic task at all).

I know quite a few DDs who's packaging skills are not up to my
standards. Even more so on the sponsorship side. I have no real
hopes that DMs should be significantly better on average.

> I really doubt this will end up in a net liability. In fact, I'm much
> more wary of just giving commit access to our SVN tree. Why? Because
> uploading a package to unstable (even with urgency set to extreme) can
> do quite a bit of damage, although it should not really hamper any
> Debian resources (or credibility, for that matter, as unstable is
> supposed to be... well, unstable). However, people with SVN access
> _can_ do long-term harm to our project, either by systematically
> introducing bugs (which, yes, would be quite noticeable, but still),
> or even worse, by wiping our whole tree (which I understand is a
> possibility whenever you have commit access).

I strongly disagree with this paragraph. The amount of people who will
build a package from SVN and install it is very, very small compared to
the amount of people who will install a package which is only in
unstable for one day. And yes, SVN is suboptimal in that it doesn't ensure
the integrity of your data and the ability to recover from any malice
done to the central repository (like e.g. git does). But most of our
history is very boring, so we wouldn't loose all that much in the end.

> I think that over-elaborating on rules to allow or restrict who can
> upload what, which XS fields to use and the rules on the Uploaders
> field's handling is a net waste of energy...

Before DM it was (and the rules reflected that). Now I agree with
(starting in) a rather paranoid way. And given our good sponsorship record I
don't think that should hinder any non-DD contributor too much.

Gruesse,
-- 
Frank Lichtenheld <djpig@debian.org>
www: http://www.djpig.de/

Reply to:

Follow-Ups:
- Re: DM and pkg-perl (alternative proposal)
  - From: Gunnar Wolf <gwolf@gwolf.org>

References:
- Re: DM and pkg-perl (alternative proposal)
  - From: Gunnar Wolf <gwolf@gwolf.org>

Prev by Date: Re: DM and pkg-perl (summary, take 1)
Next by Date: Re: New perl packages uploaded to the SVN
Previous by thread: Re: DM and pkg-perl (alternative proposal)
Next by thread: Re: DM and pkg-perl (alternative proposal)
Index(es):
- Date
- Thread