| 1 |
> On 6 May 2022, at 07:30, Arthur Zamarin <arthurzam@g.o> wrote: |
| 2 |
> |
| 3 |
> On 05/05/2022 23.08, Rich Freeman wrote: |
| 4 |
>> On Thu, May 5, 2022 at 3:27 PM Arthur Zamarin <arthurzam@g.o> wrote: |
| 5 |
>>> |
| 6 |
>>> This change will force all users to change their flow, or set the |
| 7 |
>>> configuration part - meaning it is a semi-breaking change. |
| 8 |
>> |
| 9 |
>> Since commits to the main repo without the signoff are going to get |
| 10 |
>> rejected anyway, if we decide to go ahead with this would it make |
| 11 |
>> sense to just have it abort by default if the config item or command |
| 12 |
>> line parameter is missing? |
| 13 |
>> |
| 14 |
>> If a user really wants to commit without a signoff they can just set |
| 15 |
>> --signoff=false, or the equivalent in the config file. |
| 16 |
>> |
| 17 |
>> Basically make it a non-optional parameter. |
| 18 |
> |
| 19 |
> Just a small addition. Sign-off is a "must" only for gentoo repo. |
| 20 |
> Overlays and other sources can have other policies. Meaning there is |
| 21 |
> value for having it an optional argument. |
| 22 |
> |
| 23 |
>> If this weren't a gentoo-specific tool I'd see making the behavior |
| 24 |
>> more generic, but it seems like if the default is going to be to help |
| 25 |
>> the user to shoot themself in the foot, it should just output some |
| 26 |
>> kind of explanation of the need for the parameter and what it means if |
| 27 |
>> it is not provided. |
| 28 |
> |
| 29 |
> But I do like the idea of showing a warning if gentoo repo is detected |
| 30 |
> and without signoff, with short explanation how to add or configure it. |
| 31 |
> |
| 32 |
|
| 33 |
I think I get both sides here and while I don't think it's ideal, I need to |
| 34 |
keep aside any reservations or hesitations I may have with the DCO model, |
| 35 |
as it's not the topic at hand. |
| 36 |
|
| 37 |
I think a decent compromise is a news item, warning on first use of some sort (news item |
| 38 |
kind of accomplishes this, but pkg_postinst maybe), and updated |
| 39 |
documentation. The config option to enable it is needed but that's already there |
| 40 |
so it works for me. |
| 41 |
|
| 42 |
Next step is to try figure out a way to make the contribution experience easier |
| 43 |
for users by not forcing them to use PGP (or making errors from gpg more visible |
| 44 |
in pkgdev commit). repoman suffered from the same issue where you'd write a commit |
| 45 |
message then it'd bail out. |
| 46 |
|
| 47 |
Thank you for reaching out and asking the community. I think you're handling |
| 48 |
the responsibility of maintenance well, and thank you for the work! |
| 49 |
|
| 50 |
> -- |
| 51 |
> Arthur Zamarin |
| 52 |
> arthurzam@g.o |
| 53 |
> Gentoo Linux developer (Python, Arch Teams, pkgcore stack, GURU) |
| 54 |
|
| 55 |
Best, |
| 56 |
sam |
Archives