| 1 |
On Fri, 2006-06-09 at 07:44 -0400, Peter wrote: |
| 2 |
> Firstly, I think it is very clear that anything in sunrise is experimental |
| 3 |
> or not supported in the main gentoo tree. That's fine! I don't think any |
| 4 |
> user who goes through the trouble to set up an overlay would miss that |
| 5 |
> point. You can't go to o.g.o and not see the disclaimers. And, anyone who |
| 6 |
> goes through the trouble to svn the overlay, edit make.conf, etc., would |
| 7 |
> not be an ignorant newbie (no disrespect to newbies intended). Anyone who |
| 8 |
> fetches the sunrise overlay would know exactly what he/she intends to do |
| 9 |
> and why. Much different than emerge --sync with keyword x86. |
| 10 |
|
| 11 |
Sorry, but if it isn't supported, it doesn't belong on Gentoo |
| 12 |
infrastructure. |
| 13 |
|
| 14 |
> Secondly, my bias against a third party repository is perhaps unwarranted. |
| 15 |
> I am sure the bmg site is excellent and the people running it are |
| 16 |
> well-intentioned and experienced. However, that said, as a user, I have a |
| 17 |
> higher comfort level staying in the gentoo.realm. |
| 18 |
|
| 19 |
Again, you are *proving* the point on why this would be bad. It would |
| 20 |
be not nearly as well maintained, yet users such as yourself will have |
| 21 |
this rose-colored perception that "it's from Gentoo, so it must be |
| 22 |
good." This is the *exact* thing that I am trying to avoid. This will |
| 23 |
*not* be from Gentoo and it will *not* be good. |
| 24 |
|
| 25 |
> Thirdly, the opportunity to be able to publish ebuilds that would |
| 26 |
> otherwise languish in bugzilla is very exciting. I think it also gives the |
| 27 |
> bugday people an opportunity to close out bugs. Despite what others have |
| 28 |
> written, having multi-year old bugs is very counter productive. If |
| 29 |
> something has not been fixed in so long, it probably either can't be |
| 30 |
> fixed, or may not even apply anymore. I know this is a generalization, but |
| 31 |
> if a bug was filed against gentoo 2004.3, who knows if it still applies |
| 32 |
> with gentoo 2006.0. Especially if there has been little or no activity. |
| 33 |
|
| 34 |
Perhaps there is no activity because the interest is not there? Nobody |
| 35 |
seems to be taking this into account. |
| 36 |
|
| 37 |
If you really think your package should be added to the tree, then add |
| 38 |
yourself to CC, get your friends on CC, drum up some support in the |
| 39 |
forums, find yourself a developer to proxy maintain for you. We don't |
| 40 |
need a dumping ground for abandoned or little-use ebuilds. |
| 41 |
|
| 42 |
> Personally, I don't see the conflict, or the risk, or the additional work |
| 43 |
> for devs. In fact, I see the opposite. Removing maintainer-wanted bugs is |
| 44 |
> a net positive. If that means the proposed ebuild lives in o.g.o that's |
| 45 |
> fine. Just point users who see the bug over to it. And, if an ebuild |
| 46 |
> proves to be useful, or popular, it's conceivable that it could ultimately |
| 47 |
> find its way over to the main tree. |
| 48 |
|
| 49 |
Well, I've done about as good as I can do to point out how it would be |
| 50 |
additional work and a major risk. If you cannot see it, there's not |
| 51 |
much else I can do. Luckily, a growing number of official developers |
| 52 |
*do* see the risks and are taking a stand against this egregious waste |
| 53 |
of time. |
| 54 |
|
| 55 |
> As for the more sinister aspects of a rogue ebuild finding its way onto |
| 56 |
> o.g.o, sure that's a possibility. However, any dev could do the same in |
| 57 |
> portage because they have commit access (and the problem may not be |
| 58 |
> caught right away). Moreover, it's possible that an ebuild may be fine, |
| 59 |
> but a particular version of a package tarball could have outright |
| 60 |
> malicious code or an undetected security hole in it that has not been |
| 61 |
> caught yet. That could find its way onto portage too. IMHO, I don't see |
| 62 |
> any more risk to security in o.g.o. |
| 63 |
|
| 64 |
Sure, a developer could be a risk, but they've gone through much more |
| 65 |
extensive checking and testing than some user who submitted an ebuild to |
| 66 |
a bug. |
| 67 |
|
| 68 |
> Again, I think you need to consider your audience for o.g.o. The newbie |
| 69 |
> won't be there or be syncing to o.g.o. The server admin probably would not |
| 70 |
> be there either for updating a production machine. I think the main |
| 71 |
> audience for o.g.o. would be the power user, or the wannabe power user or |
| 72 |
> certain project teams, or people with a particular interest or need in a |
| 73 |
> project not hosted on the main tree -- that is people who actively need |
| 74 |
> sunrise's services. |
| 75 |
|
| 76 |
You're absolutely right. We need to think of the audience. The |
| 77 |
overlays.gentoo.org project was touted as a way to foster the community |
| 78 |
and to help *developers* develop things that might be intrusive to the |
| 79 |
portage tree, as well as allow for easier non-developer contributions. |
| 80 |
It was *never* touted as a place where we would allow dumping of |
| 81 |
half-correct, unsupported, and only marginally quality ebuilds for mass |
| 82 |
user consumption. |
| 83 |
|
| 84 |
> And, looking at this from a broader perspective, I see this as a real |
| 85 |
> enhancement to gentoo. Offering an experimental tree for packages not |
| 86 |
> intended or not wanted in the main tree. This is an added benefit, it |
| 87 |
> demonstrates a policy of inclusion, not exclusion. It shows a willingness |
| 88 |
> to push the envelope and give certain packages a home where they would not |
| 89 |
> normally get one. |
| 90 |
|
| 91 |
It also shows that we're not concerned with quality or providing a |
| 92 |
consistent experience where things are meant to work together. It shows |
| 93 |
our complete lack of commitment to the safety of our users. It shows |
| 94 |
that we really are nothing more than a bunch of ricers that will take |
| 95 |
the quick and easy approach, rather than doing things right. |
| 96 |
|
| 97 |
No thanks... |
| 98 |
|
| 99 |
-- |
| 100 |
Chris Gianelloni |
| 101 |
Release Engineering - Strategic Lead |
| 102 |
x86 Architecture Team |
| 103 |
Games - Developer |
| 104 |
Gentoo Linux |
Archives