
Re: Salsa as authentication provider for Debian



>>>>> "Michael" == Michael Lustfield <michael@lustfield.net> writes:

    Michael> Multiple concerns have been raised and subsequently
    Michael> shrugged off. It's clear that no concern raised will make
    Michael> any difference so, yeah... go for it.

Actually, Enrico provided a summary describing how the concerns that
have been raised have been evaluated; see
20200410183809.nchdmlkk6zdj7l2j@enricozini.org .

That message demonstrates changes that have been made in response to
concerns raised.
The primary example is better ability to figure out from a salsa user
page who is a DD.

It also explains the analysis of the other issues that were raised.
Significant effort was put into evaluating the concerns raised by Enrico
and others.

I appreciate your frustration, but your message crossed a line that I
would ask you not to cross again.
I would urge you to find a way to disagree with decisions and express
frustration without undermining the work of others.

I hear your desire to design a solution and get a project wide consensus
on that solution.
Long term, perhaps we'll do that.
However, Debian empowers maintainers of groups within our project to
move forward; Debian values incremental development; and Debian values
letting people actively doing the work have significant latitude in how
that work is done.

I think the bar for halting people going forward and making things
incrementally better is very high, and no, my take as someone who has
facilitated a lot of discussions is that none of the concerns raised met
that bar.

Things might be different if Enrico's decisions or work blocked other
people from going forward and exploring their own (potentially
longer-term) options.

That's not the case.

Much of the work Enrico proposes to do--for example adopting OIDC for
sso.debian.org and nm.debian.org--is common across all the solutions.

There have been a number of people who have looked at the work involved
in changing from one IDP (salsa) to another and concluded that it is
well within the sorts of changes we've made in Debian's sso architecture
over the years.
Independently of Enrico's proposal, and unremarked by everyone who is in
this discussion, debian.social has adopted the same strategy.
Even if nm.debian.org, contributors.debian.org and sso.debian.org were
not going to use salsa, we'd already have salsa being used as a sso
solution within Debian.





Sam Hartman
Debian Project Leader

Attachment: signature.asc
Description: PGP signature

