[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#459868: debian-policy: Definition of Maintainer: when using a mailing list

Package: debian-policy
Severity: normal


I think policy should include some words on the usage of Mailinglists as
a Maintainer: address. The current "3.3 The maintainer of a package"

Every package must have a Debian maintainer (the maintainer may be one
person or a group of people reachable from a common email address, such
as a mailing list). The maintainer is responsible for ensuring that the
package is placed in the appropriate distributions.

The maintainer must be specified in the Maintainer control field with
their correct name and a working email address. If one person maintains
several packages, they should try to avoid having different forms of
their name and email address in the Maintainer fields of those

The format of the Maintainer control field is described in Maintainer,
Section 5.6.2.

If the maintainer of a package quits from the Debian project, "Debian QA
Group" packages@qa.debian.org takes over the maintainer-ship of the
package until someone else volunteers for that task. These packages are
called orphaned packages.[5]

I propose to add, someone please fix up en_GANNEFF:

If the Maintainer address points to a mailing list then that list must
be configured to accept mail from those role accounts in Debian used to
send automated mails regarding the package. This includes mail from the
BTS, all mails from the archive software used on ftp-master as well as
other role accounts that are commonly agreed on to send automated mails
to the maintainers. a sample implementation of such a whitelist for
mailman is running on alioth.debian.org.

Additionally I would like:

If the Maintainer: field points to a mailing list then the Uploader:
field has to contain at least one human.

Intention of the first paragraph is clear, and for about 95% of the
lists used also already true, thanks to sgran implementing it for
alioths mailman, so implementing it now doesnt make all packages
RC buggy.   Im not sure we should point directly to alioth from
within the paragraph, might be better as a footnote. We could also
mention that the whitelist definition on alioth is a good location to
look for the address regex to whitelist and that one should recheck
every X months...

The second paragraph is simple making sure there is at least one human
listed who is responsible.

bye Joerg
<liw> I'm a blabbermouth

Attachment: pgpRrg88NNGvQ.pgp
Description: PGP signature

Reply to: