1 |
On Thu, 2006-03-23 at 10:09 +0000, Chris Bainbridge wrote: |
2 |
> Reduced responsibility for package QA (I expect "we don't care about |
3 |
> overlays" to become a standard response on bugs.g.o) |
4 |
|
5 |
You will *definitely* get this from developers that won't be using the |
6 |
overlays. |
7 |
|
8 |
Let's just say you decide to use a toolchain overlay and it exposes some |
9 |
problem in random app foo because you're using gcc 5.1.99 and we only |
10 |
have 4.0 in the tree. You file a bug against package foo without a |
11 |
patch. I'm the maintainer. You've now made me spend my time supporting |
12 |
something that isn't even in the tree, and could be an artifact of the |
13 |
overlay itself and something that will *never* end up in the tree. Why |
14 |
should I do this? What we have done here is actually *reduced* the |
15 |
amount of productive work that I can do by forcing me to deal with these |
16 |
overlays, even if I choose not to participate. |
17 |
|
18 |
> Surely the solution is to provide that safety net within the tree? |
19 |
> Rather than pushing changes into a live tree, push them into a testing |
20 |
> tree, then after they pass repoman/QA checks, and a build check, apply |
21 |
> the changes to the live tree, otherwise email a rejection. And allow |
22 |
> developers to add their own testing ebuilds to the tree (for a start, |
23 |
> they will be more widely tested). |
24 |
|
25 |
While this would be great, there is one major obstacle that people miss. |
26 |
Horsepower. |
27 |
|
28 |
Let's say I add a new openoffice ebuild to the tree for a security bug. |
29 |
We now have to wait how many hours for it to hit the tree? What if the |
30 |
KDE team is committing a new KDE version at the same time? I'm sure you |
31 |
can guess how this could bring all of our development to a complete and |
32 |
grinding halt. |
33 |
|
34 |
I wouldn't mind seeing an actual "unstable" designation added to |
35 |
KEYWORDS. The basic premise would be like package.mask packages where |
36 |
things can be done *within the tree* but still has the same air of "this |
37 |
might be totally busted at some point" as overlays. Users would be very |
38 |
unlikely to run unstable on their machines. Heck, we could even make it |
39 |
impossible to actually use unstable globally if we wanted to. The whole |
40 |
point is that I completely agree with you, a better solution would be to |
41 |
try to work within the tree to resolve this problem, rather than moving |
42 |
it outside the tree and into hundreds of individual overlays, which |
43 |
could be conflicting with each other. |
44 |
|
45 |
> The current system of overlay usage is very annoying for users, |
46 |
> particularly when bugs are hanging around with packages in the tree, |
47 |
> and after filing bug reports the user is told that the bug is already |
48 |
> fixed in the overlay. Or when new packages are added to overlays |
49 |
> instead of the tree. How are users expected to find them? |
50 |
|
51 |
They should not have to. It's as simple as that. Bugs in the tree |
52 |
should be fixed in the tree. New packages should be added to the tree. |
53 |
If it isn't a candidate for ~arch, then add it under package.mask |
54 |
instead. That is why we have package.mask in the first place. |
55 |
|
56 |
> Another thing that needs fixing is the massive number of packages that |
57 |
> aren't really maintained. Either the maintainer doesn't respond to |
58 |
> bugs, or the package is maintained by a herd and so no one feels it's |
59 |
> actually their responsibility to deal with the boring bugs, and when |
60 |
> some developer outside of the herd comes across it, they feel like |
61 |
> they can't fix the bug without stepping on someone's toes. What's |
62 |
> worse is that in a lot of these cases there will be a user on bugs.g.o |
63 |
> posting fixes and new ebuilds, and yet they never make it into the |
64 |
> tree. |
65 |
|
66 |
This is really both a political/social problem and one of manpower. |
67 |
There's a lot more users out there than there are developers. There are |
68 |
many developers out there who aren't quite so territorial. The main |
69 |
thing is us being civil with each other. There are many times where a |
70 |
developer wants to make a fix or change to a game. If they ask us, we |
71 |
let them. It's that simple. Heck, we usually ask them if they want to |
72 |
maintain it. Also, a herd is a group of packages, not a group of |
73 |
developers. A group of developers could share responsibility in looking |
74 |
out for a herd (or many) but they are not a herd themselves. |
75 |
|
76 |
> A system where developer ebuilds are kept in the tree, and users have |
77 |
> a way to automatically contribute ebuilds, either human reviewed, or |
78 |
> in some reputation based system, would be very useful. Users also need |
79 |
> feedback - how many times does a user submit an ebuild via bugzilla to |
80 |
> be told that it doesn't meet QA standards? Why isn't there a system in |
81 |
> place to run repoman/QA/build checks on user ebuilds/patches to make |
82 |
> sure they are fixed *before* being submitted for inclusion into the |
83 |
> tree? And if this could be linked to a bug reporting system where |
84 |
> people report/fix individual ebuilds or packages, and I can just type |
85 |
> 'gbugs -l pkgname' and get a list of problems and fixes that other |
86 |
> people have proposed, even better. |
87 |
|
88 |
Ebuilds that are human reviewed are exactly what we have now. The |
89 |
process isn't automated, but it cannot be automated if you expect human |
90 |
review. Automated review isn't possible, as it is very easy to work |
91 |
around automated tests to do something completely malicious in an |
92 |
ebuild. There should *always* be the human factor before *anything* |
93 |
makes it into the tree. Our reputation and even the stake of Gentoo as |
94 |
a whole depends on our reliability. |
95 |
|
96 |
As for ebuilds meeting QA standards, most developers that I am aware of |
97 |
will inform the user of how to make their ebuild better, and even point |
98 |
them to relevant documentation to assist them, expecting the user to |
99 |
make the changes. This makes for better submission and informs the user |
100 |
so they don't make the same mistake twice. All in all, it is good for |
101 |
all involved. Any developer that is closing a bug without reason is in |
102 |
the wrong. It is as simple as that. Saying something doesn't meet QA |
103 |
is bunk *unless* they also point you to reasons *why* it fails QA. |
104 |
|
105 |
As for bugs being posted, you're more than welcome to use "ALL pkgname" |
106 |
as a search on bugzilla to get anything related to that package. |
107 |
There's even a few command-line bugzilla query tools. |
108 |
|
109 |
> I'm not sure whether the answer is more openness of the existing |
110 |
> system, some custom submission flow system, or a distributed SCM, but |
111 |
> I do think there's a lot that could be changed to make things better. |
112 |
|
113 |
See, I 100% disagree that this is a technical problem. It cannot have a |
114 |
technical solution. Want better developer/user relations? Start |
115 |
talking amongst ourselves. Talk to other users. Talk to other |
116 |
developers. |
117 |
|
118 |
I tend to think our biggest failure is communication. Improve our |
119 |
communication and we'll improve Gentoo. Together. |
120 |
|
121 |
-- |
122 |
Chris Gianelloni |
123 |
Release Engineering - Strategic Lead |
124 |
x86 Architecture Team |
125 |
Games - Developer |
126 |
Gentoo Linux |