DM and pkg-perl
jeremiah.foster at ericsson.com
Thu Nov 22 08:43:10 UTC 2007
> From: Damyan Ivanov [mailto:dmn at debian.org]
> * PGP Signed by an unknown key: 11/21/2007 at 08:26:47 PM -=|
> gregor herrmann, Tue, Nov 20, 2007 at 11:35:54AM +0100 |=-
> > It is "wide-open" but I guess _if_ the group wants to use the DM
> > status it's the only realistic way to go.
> > What I'd like to see are statements of the active DDs of the group
> > before we make this not unimportant addition to our internal policy.
> My concern with this is that if agreeing to follow
> policies was enough, DMs might as well be treated as DDs :)
This is undoubtably a side effect of DM.
> Question 2: how to avoid this unintentional giving of upload rights?
> My answer to this is to clean Uploaders: list before
> uploading $P with DM-Yes from all non-DDs, except $A. This
> would mean we change our polocy about the Uploaders: field
> that whoever makes a change worth noting in changelog, adds
> him/herself to Uploaders. The nice thing about this policy is
> that it makes the contributor feel more responsible and
> easier for him/her to track his/her work via packages.qa.d.o
> pages. (Note that the fact that $B contributed to $P would
> not be wiped, as changelog would keep $B's entries).
> So, what do you think about such approach?
I think it is both good and bad.
Good because it models the way pkg-perl works now and that has proven to
be an effective method of collaboration allowing people to contribute
significantly to debian without having to become a DD.
Bad because the problem the DM was meant to solve is still present. The
goal is (presumably) to give rights to someone to independently upload
packages to debian. If they get that right, they should be considered
able to package software according to debian's standards - this has to
apply across teams, otherwise you need a team-based flag. In Damyan's
scenario, an unknown uploader has received approval, but they may or may
not be competent enough to create packages according to the standards
that have been informally adopted by the pkg-perl team. This requires a
DD to approve the package before uploading, thereby obviating the need
for a DM flag in the first place and keeping the DD approval process for
uploading packages essentially unchanged, just adding complexity.
The only way to avoid this, I feel, is to make sure that the quality of
the DM is sufficiently high that the DDs who oversee uploading feel
confident that the DM flag is reliable and therefor do not have to
manually check packages.
More information about the pkg-perl-maintainers