Re: Debian Maintainers GR Proposal
On Fri, 22 Jun 2007, Marc 'HE' Brockschmidt wrote:
> Anthony Towns <email@example.com> writes:
> > * multiple Debian developers have requested the individual's
> > removal for non-spurious reasons; eg, due to problematic
> > uploads, unfixed bugs, or being unreasonably difficult to
> > work with.
> This part is broken and shouldn't end up in a final proposal. We need to
> decide on actual rules, otherwise this can lead to endless flamewars.
We take non-binary decisions every day (MIA, hijack, etc.). This is just
one more of those. Usually it's pretty clear when someone isn't up to the
If you have some concrete rules, I'd be happy to discuss them, but
at this point I don't think that concrete rules would help (age of RC
bugs? bug severities can be discussed, changed. only 3 maintaineres
unhappy instead of the 4 required? what if those 3 are the Gnome
maintainers and the package is a Gnome one?).
This kind of decision concerning the level of quality that we expect in
Debian are not black/white and should not be decided as if they were.
> > 5) The intial policy for the use of the Debian Maintainer keyring with the
> > Debian archive will be to accept uploads signed by a key in that keyring
> > provided:
> I'm not too happy with this part. My idea was always to allow people
> upload rights for individual packages that have been checked once by a
> full DD - and even that doesn't make me happy.
> Anyway, something more constructive: I think that from a QA point of
> view, allowing DMs to only upload packages that were once checked by
> some trustworthy person is a lot better than your proposal.
I agree with you in the principle (and the first time this idea cropped
up, I understood it that way). However this doesn't scale very well... in
any big team, the usual DD maintainers should be able to grant upload
rights fairly easily to DM. If they have to make a new request each time
that they decide that a DM can have uploads rights on a new package, it's
going to be somewhat painful.
On the other side, like you, I feel uneasy with the fact that a DM would
get upload rights directly on any new package that a DD sponsors him... I
mean for every package it takes several rounds to get some confidence that
the maintainer is going to do a good job out of it.
One way to get out of this is to mark those new packages as maintained by
a new team "firstname.lastname@example.org" and to add the maintainer
in the Maintainer field only later once we trust him enough for that.
Would that be acceptable for you?
On the other side, the new DM team should probably track the list of
packages maintained by any DM and have some automatically generated
message informing them of the new packages that they can upload (and who
allowed that). That way it's easy to have some more reviews (in particular
when the sponsor is a DD that you may not fully trust).
Premier livre français sur Debian GNU/Linux :