| 1 |
On Wed, Jun 8, 2016 at 9:16 PM, Alexander Berntsen <bernalex@g.o> wrote: |
| 2 |
> It would be wise of us to create a novel way of involving users from |
| 3 |
> the ashes of Sunrise. |
| 4 |
> |
| 5 |
> Here is my suggestion: It would be fruitful to encourage every single |
| 6 |
> Gentoo user to have their own repository. And this repository should |
| 7 |
> be publicly available. |
| 8 |
> |
| 9 |
> This way we can merge useful things from people, and they can submit |
| 10 |
> pull-requests if they have useful things that are not in the tree. |
| 11 |
> Before merging anything to the main tree, ebuilds should of course be |
| 12 |
> carefully reviewed. Users could also review each other's ebuilds to |
| 13 |
> ensure better quality ebuilds. |
| 14 |
> |
| 15 |
> This could lead to a future where the Gentoo tree is largely |
| 16 |
> superseded. Every user would just have their own repository, where |
| 17 |
> they could pick and choose packages from other users. The Gentoo tree |
| 18 |
> would just focus on a high-quality repository of the basic/core things |
| 19 |
> that everybody needs. Gentoo devs would spend most of their time |
| 20 |
> maintaining curated small and useful repositories. |
| 21 |
> |
| 22 |
> |
| 23 |
> While there is some work to be done to facilitate my suggestion, it |
| 24 |
> should be a lot less work than Sunrise was. What we need short-term is |
| 25 |
> simply documentation where we encourage users to have their own |
| 26 |
> repositories that are available online. Next up would be setting |
| 27 |
> Portage up to expect a user repository from the get go. The initial |
| 28 |
> personal tree could be fork of the Gentoo tree with a remote 'gentoo' |
| 29 |
> that they can pull from (emerge could do this automatically). This |
| 30 |
> way, users who do not care at all, can just use Gentoo like they do |
| 31 |
> today. |
| 32 |
> |
| 33 |
> The final step is the most difficult (but then again we might never |
| 34 |
> get so far). It is two-fold. First we make the core/base repository. |
| 35 |
> Then we identify important subsets that can be logically separated |
| 36 |
> into repositories, and do this. |
| 37 |
> |
| 38 |
> Parallel to all this, we should work on tooling. It is unreasonable to |
| 39 |
> expect people to be git experts to be effective. The workflows for |
| 40 |
> managing user repositories doesn't need the full power of git anyway. |
| 41 |
> It would also be good to offer hosting insofar as possible to a set of |
| 42 |
> curated repositories we consider to be of high quality. |
| 43 |
> |
| 44 |
> |
| 45 |
> In the end, Gentoo might make a gigantic leap into the future with a |
| 46 |
> truly modular distribution. If anyone wants to look at distros that |
| 47 |
> get this more right than Gentoo, have a look at e.g. NixOS and Exherbo. |
| 48 |
> |
| 49 |
> What are your thoughts? |
| 50 |
|
| 51 |
Here's mine: |
| 52 |
|
| 53 |
Make the layman system more open (or have a version of layman that has |
| 54 |
more scope e.g. open-layman), but add tags to differentiate stable, |
| 55 |
official, or trusted overlays to those which aren't: outdated, |
| 56 |
under-provision, etc. We have to have an open web-based registration |
| 57 |
system where users can easily sign-up for their own overlay name which |
| 58 |
would be mapped to a supported repository service, like Github. The |
| 59 |
system would time and time check for each repository for activity, and |
| 60 |
check for updates. It would then update the database for packages |
| 61 |
which are provided by the overlay. Note that it doesn't have to |
| 62 |
always do repoman-like checks (or maybe it doesn't really have to), |
| 63 |
but it could just do it when a user asks for a request, which could be |
| 64 |
enqueued, and done only once in every update. |
| 65 |
|
| 66 |
With an open system, users would be encouraged to contribute since |
| 67 |
even if their works would not be accepted to be merged into the |
| 68 |
official repo, it would still be available to the public for anyone to |
| 69 |
use - where people could also easily find it. |
| 70 |
|
| 71 |
Everything about security should already be obvious. You can warn |
| 72 |
users, mask user overlays by default, etc. If we want, we can have a |
| 73 |
comment and upvote system for every package in every overlay where |
| 74 |
each is only dynamically created in the database if an upvote, |
| 75 |
downvote, or comment is made. |
| 76 |
|
| 77 |
If we are also concerned about overlay names that should only be used |
| 78 |
officially, we should warn users that if possible, they should only |
| 79 |
use unique names, and avoid common names, and tell them that we could |
| 80 |
take their names for official use if we want to, granting their name |
| 81 |
is arguably not unique. |
| 82 |
|
| 83 |
Transfer of a package to an official repository: |
| 84 |
|
| 85 |
If an official dev chooses to pull a package from a user overlay, |
| 86 |
automatically it should mean that he or another dev would take place |
| 87 |
in maintaining that package. This would prevent the issue of |
| 88 |
unmaintained packages, and dependencies among user overlays. |
| 89 |
|
| 90 |
Now some people might question this since it might just drive people |
| 91 |
to become normal contributors, and not official, but I think it's more |
| 92 |
helpful to the system than not, since it adds more activity, and a lot |
| 93 |
of users don't intend to become an official dev anyway. Besides, |
| 94 |
people can still become an official dev on later time if they would |
| 95 |
want to, or they can be persuaded to become one. |
| 96 |
|
| 97 |
--- |
| 98 |
konsolebox |
Archives