[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: supported Ruby packages

Hi Marc,

This thread has taken a turn it shouldn't have.
And I am not going to fight fire by fire. I'll try to be more
empathetic, as we all should.

On Mon, Jul 13, 2020 at 1:14 PM Marc Dequènes (duck) <duck@duckcorp.org> wrote:
> You are totally twisting my words. I gave you my understanding about how
> things are perceived in Debian.

I hear you. And I am sorry if you think I'm twisting them. I do not intend to.
I am just very upset over the fact that someone had to remove themselves
from the uploaders field because of this whole thread, which shouldn't have
happened in the first place.

> The only thing I think is bad about this
> situation is that there is no information anywhere about your decision
> to only care about unstable. I think users expect the whole of Debian's
> released suites and backports to be taken care of, and I think it's good
> to inform them. I'm not asking you do do more, I think we should inform
> and coordinate better, that's all. Beuc suggested
> debian-security-support and I think that's a very good idea.

This has been previously stated (somewhere) and I'd like to state it again:
I *do* take care of the stable updates of Rails.
I am not sure why people are assuming it's not supported. But since there's
confusion amongst all, I'd like to clear it so that we're on the same page.

I have been taking care of stable and oldstable and oldoldstable update
for Rails. And will continue to do so with the best of my ability (and time
and energy). But please know that they're limited, too.

If people see the tracker page, they'll know that it is being taken care of.
However, I did express that I am a little busy at this moment and might
not be able to take care of this CVE before the -pu window closes.

So TL;DR: no one has to worry about the security support for Rails.
It is being taken care of unless I give up or/and explicitly mention so.

I hope this should resolve the main purpose of this entire thread.

> Why do you say "claim"? Just because I'm not helping in your field of
> interest, or just because I have less energy to give Debian these last
> few years makes me a fraud?

It doesn't. I am sorry if I made you feel so.
Your work is very much appreciated. By me, by the team, and by the
entire (and wider) Debian community.

And so is Praveen's. And perhaps everyone would have guessed it by
now what made me feel very upset. And I still am. Pretty much.

> I think limiting yourself to unstable is really not
> something people would expect. If you decide to limit the field of your
> work without telling your team and users, then it's always going to
> cause misunderstandings.

There seems to be a misunderstanding in understanding the misunderstanding.
There were 3 (thanks to this thread, 2 now) uploaders and care-takers of rails.
Praveen has been doing such an amazing job in maintaining and taking care
of Rails and its transition.

And I do take of other little things and the stable updates.
There are no pending CVEs (except for the new bunch where I expressed
I am busy!).

Perhaps it should help us understand a part of that misunderstanding?
Let me know if I am still not clear.

> One good example is when Antonio took advantage of Debconf to come and
> tell us that it was too much for him and needed several packages off his
> shoulders. He asked kindly and I'm happy that with Kanashiro-kun were
> able to help a little bit. If you feel bad about your 157 packages,
> which is really a lot, then maybe you should consider telling the team.
> If the team as it is is not well staffed for so many packages then
> that's something the team has to solve.

Huh!? I send RFH emails after meetings for rails. Nobody replies to that.
Praveen and I, both have sent several emails that weren't replied to.

So *please* really re-evaluate the condition already :)

> I said I was not aware of this limitation (nor were the other teams
> obviously) and I think we should improve on that. Noone replied to that.
> I suggested we look into debian-security-support and noone replied to
> that either.

Because there seems to be nothing to reply for.
Cleared it above, it is being taken care of as it has been so far.

I don't think there's anything that needs to be done here.

> Here I have no authority whatsoever, I'm not pressuring anyone, just
> expressed my opinion and I got a very aggressive reply in return.

I would still ask you to re-evaluate the situation here.
I am sorry for the "very aggressive" reply, which shouldn't have been
felt and written if the initial mail from your end could have been a little
more empathetic and not costing what it did.
I still feel strongly and sadly about it. So just know that you're not the
only one.

> That's really one good reason why I feel bad in many places in Debian even
> when I'm not involved directly. I was happy to be in this more friendly team
> so far, so maybe there's a way to restore that?

Yes, please. The Ruby team is more like a family. And I'd like to reinstate the
same belongingness if it's anyhow lost in the first place.
(and I do believe that there are heated arguments sometimes but it shouldn't
change the relations and equations b/w us)

That said, I am sorry and I hope we can be more empathetic in our very first
words itself.

*hugs*


Best,
Utkarsh
Reply to: