| 1 |
On Fri, Jul 22, 2022 at 06:32:42PM +0000, Robin H. Johnson wrote: |
| 2 |
> On Fri, Jul 22, 2022 at 02:56:33PM +0300, Joonas Niilola wrote: |
| 3 |
> > Cross-posting to gentoo-dev and -project lists due to technical and |
| 4 |
> > non-technical nature. Reply-to is set to -project. |
| 5 |
> ... |
| 6 |
> > 1st RFC: "Trusted contributor model" |
| 7 |
> > |
| 8 |
> > I'm proposing us to giving special commit access to our well-reputable |
| 9 |
> > contributors (mostly proxied maintainers). They'd have access _only_ to |
| 10 |
> > their maintained package in git-tree. To understand what I mean, check |
| 11 |
> > git shortlog -s -n net-im/telegram-desktop-bin/ |
| 12 |
> > git shortlog -s -n net-im/signal-desktop-bin/ |
| 13 |
> Conceptually, yes, I think this is a good improvement. I'd like upstream |
| 14 |
> to be included as well in this set, for upstreams that know their own |
| 15 |
> package much better than us. |
| 16 |
> |
| 17 |
> > On the technical side I'm not sure how to achieve this, but I know it |
| 18 |
> > can be done. For example the sync-repos are compiled like this all the |
| 19 |
> > time. If this proposal gains support, I'm willing to start figuring it |
| 20 |
> > out more in-depth. |
| 21 |
> Technically, I've got some implementation problems. |
| 22 |
> |
| 23 |
> We *can* write a simple gitolite ACL that limits scope to a directory or |
| 24 |
> file, e.g. CAT/PN/ |
| 25 |
> |
| 26 |
> BUT, we can't write a simple gitolite ACL that limits the content within |
| 27 |
> profiles/package.mask or other files in profiles/ (we can write hooks |
| 28 |
> that might be able to do this, but that still requires the challenge of |
| 29 |
> validation inside the file). |
| 30 |
|
| 31 |
I'm not sure this kind of ACL would be necessary. These kinds of |
| 32 |
changes are rare, and even if trusted contributors can't make them, |
| 33 |
the load would still be significantly decreased for the developers |
| 34 |
that proxy commits. |
| 35 |
|
| 36 |
> I'd EXPECT a contributor to WANT to package.mask a cutting edge version |
| 37 |
> so it has time to bake and get well-tested, but if they can't do both |
| 38 |
> parts of the commit themselves, this process is likely problematic. |
| 39 |
> |
| 40 |
> > 2nd RFC: Recruiting proven contributors without a mentor |
| 41 |
> > |
| 42 |
> > I'm aware recruiters don't really need to ask a permission here, but I |
| 43 |
> > believe it's great to gauge the general feelings about this beforehand. |
| 44 |
> > What would you say if recruiters started more actively approaching |
| 45 |
> > potential developers? |
| 46 |
> ... |
| 47 |
> > But seeing the general lack of interest towards mentoring, maybe this is |
| 48 |
> > something we _need_ to do in near future. |
| 49 |
> Yes, let's make it possible to join by the quiz, and the recruiting |
| 50 |
> only, mentors can be optional. |
| 51 |
> |
| 52 |
> But in parallel: |
| 53 |
> |
| 54 |
> It's been ~7 years since I last mentored somebody, mostly for reasons of |
| 55 |
> time with having young kids. |
| 56 |
> |
| 57 |
> How do we make the mentorship process more lightweight? |
| 58 |
> (and possibly the quiz process, I haven't seen how the quiz has changed |
| 59 |
> since I last mentored) |
| 60 |
> |
| 61 |
> Let's start with a potential intersection of your two ideas: |
| 62 |
> (these numbers are arbitrary, but try to reflect what I see some of the |
| 63 |
> trusted contributors doing) |
| 64 |
> - 9 good submissions (patches or PRs) over a 3 month period [must be at least 3/month] |
| 65 |
> - will get you an invite from recruiters to join |
| 66 |
> - either without a mentor, or a lightweight mentor |
| 67 |
> |
| 68 |
> -- |
| 69 |
> Robin Hugh Johnson |
| 70 |
> Gentoo Linux: Dev, Infra Lead, Foundation Treasurer |
| 71 |
> E-Mail : robbat2@g.o |
| 72 |
> GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 |
| 73 |
> GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136 |
Archives