Marc 'HE' Brockschmidt wrote: > That's a bit weird. He produces a package with a major bug, ignores > *all* hints by lintian and is now rewarded for that by getting upload > permissions? It's also a bit weird for someone to have their upload ability immediately removed for making any sort of technical mistake. This is not the worst mistake I've seen uploaded, nor is it the first time I've seen a maintainer ignore lintian errors. (With that said, it looks like Myon has removed him.) > Also, perhaps this event is a sign that the current review process is > not perfect yet. Do you mean the sponsorship review process, or the DM review process? The worst thing about this to my mind is that the package got sponsored into the archive over a month ago. As for DM review, DMs are not supposed to need to know everything that T&S would test. They're supposed to still be learning, and the DM process is supposed to be more lightweight than the newmaint process. So it's ok for a DM to not know how to limit an arch dependent package to only build on a given set of architectures. It's clearly not acceptable for them to have created a package a month ago that papers over lintian errors about including a precompiled binary in an arch indep package. The most important data I have when I'm reviewing a DM is the advocacy messages. If I see the AM say, "he's already nearly passed Tasks and Skills" and a sponsor say, "diligent in looking after his packages and dealing with bug reports", I have to assume the first adovocacy statement is accurate, and it's tempting to also assume the second statement is accurate. I did look at Kartik's open bugs before accepting him, but the bug hadn't been filed yet. It's important that these messages be detailed and accurate. If someone needs to review a DM's existing packages in detail before they are added, I'd hope the advocates could do that, and discuss the review in their advocacy messages. But would such a review be any better than the review the DM's sponsor should have performed before uploading their package in the first place? -- see shy jo  The time I uploaded a menu-method file that accidentially did a rm -rf $FOO/$BAR (FOO=BAR="") as root is my favorite horrible, deadful, should have gotten me banned from Debian for life mistake.
Description: Digital signature