[csw-maintainers] Non-Maintainer Uploads (NMUs)

Peter FELECAN pfelecan at opencsw.org
Sun Aug 11 17:09:40 CEST 2013

"Maciej (Matchek) Bliziński" <maciej at opencsw.org> writes:

> 2013/8/11 Peter FELECAN <pfelecan at opencsw.org>:
>>> When you're running csw-upload-pkg, it's too late. All such
>>> information must be inside the package, and that means it has to be
>>> done in GAR. Probably as a field in pkginfo.
>> How's that? The association is not done yet. That this association is
>> based on what's in the package I understand. What I don't understand is
>> how it's too late: the association is made after the invocation of
>> csw-upload-pkg and this can be inhibited in any system that I can
>> imagine, directly or by side effect.
> Yes, but inhibited based on what data? The only data the system has,
> is the contents of the package.
>> Consequently, if you tell me where
>> is the code responsible for the association I can review it and propose
>> a concrete modification.
> Is this the line you have in mind? This is where the mantis database
> update is done:
> http://sourceforge.net/p/opencsw-ruby/code/ci/master/tree/lib/csw/db/mantis.rb#l112

Yes. So, when csw-upload-pkg was invoked with --nmo, it must not modify
p.maintainer.username. But that is only the effect. We need to find a
place where the cause became reality.

>>> 1. When you upload a package, you become the package owner/maintainer.
>> The systematic of this association is what's annoying me.
> I think it should be named for what it is: who last uploaded the
> package. This is a useful piece of information and we should not
> inhibit it.

So, we must have another information which is the uploader, displayed on
our web infrastructure. Cannot be taken from the user name of who's
running csw-upload-pkg?

>>> 2. A package owner/maintainer is responsible for everything that's
>>> associated with the package, e.g. any current and future bugs.
>> This is not axiomatic and is what I wish to reasonably relax.
> Cool. We'll probably find a middle ground. A lot of that expectation
> revolves around wording used on our website.

As said above, we should add the information of the user having done the
NMU but keep the mantis ownership of the project.

>>> 3. You have a small contribution to make.
>> Quite often. If it's a maintained package I discuss it first with the
>> relevant person.
>>> 4. The benefit of the contribution does not outweigh the burden.
>> Again, it's not a question of burden but responsible
>> management. Dilution of responsibility is a very bad thing and is,
>> unfortunately, encountered more and more often in enterprise
>> environment. Lets not replicate that.
> We're very different from an enterprise environment. In enterprise,
> the employer pays for the employee's time, and the employee's
> obligation is to use the time in the way the employer wishes. In an
> open source project, people offer contributions based on their innate
> motivation. If someone doesn't want to perform a certain task, there
> is no way you can make them do it. If you try, they will simply walk
> away.

Agree with you. However, this doesn't diminish the need for
responsibility even though it's a voluntary responsibility: nobody force
somebody to be responsible of something. In the case in discussion the
current procedure induced by csw-upload-pkg &co force me to became the
maintainer which I don't wish because, in some cases, I'm just an
opportunistic actor.

>>> 5. Therefore, you do not make the contribution.
>> Even with the incurred burden I make it. The proof is in the logs.
> haha, I don't mean you personally. :) it's an expression as in
> "brushing your teeth is healthy". I can rephrase it as "people are
> less likely to contribute".

If we solve the issue in discussion we will have more contribution at
least from my part.

>>> You think that #2 is fine and you want to fix #1.
>> Not exactly.
>>> I think that #1 is fine and I want to fix #2.
>> We disagree on the "fineness" of #1 and this affirmation is in
>> contradiction with the answer that you give to my question about the
>> worthiness of my proposition.
> I understand that you didn't mean that the solution absolutely has to
> be a flag for csw-upload-pkg. You probably mean some method of
> indicating that you don't want your name to appear on the package's
> page. There are many possible ways to achieve that. (Also, I do
> believe that if you're building and pushing the package, it should be
> somehow reflected on the website.)

Is not that I don't want my name associated. On the contrary. If I've
done a NMU it must appear in our web infrastructure, e.g. on the QA
page, along the true owner of the package. By owner I mean the person
which is most willing to work on the package, to correct possible bugs,
bump version, &c.

More information about the maintainers mailing list