[gentoo-dev] Bugzilla package list editing

[gentoo-dev] Bugzilla package list editing

[Mart Raudsepp]

Hello,

I would like to point out that the package list is under the
responsibility of the maintainers whose packages are getting
stabilized, and therefore at least after the point architectures are
CC'ed by maintainer, this field is completely off limits for any non-
maintainer edits whatsoever.

This is just like it was prior to this package list field existing with
long package lists in attachments or short lists in comments. No non-
maintainer was supposed to be going around and changing these things,
nor did they really.
However I constantly get these changed on me now with the package list
feature and I need to constantly go reverting them around with a re-
copypaste from my separate text file with the list (which I mostly need
to keep separately due to aforementioned non-maintainer edits).

Please stop editing package lists when you are not the maintainer and
arches are already CCed.
Alternatively I am forced to start using attachments again (now with
the stabilization list flag), which is more inconvenient to get updates
in by the maintainer.


Thank you,
Mart

Re: [gentoo-dev] Bugzilla package list editing

[Andreas K. Huettel]

[-- Attachment #1: Type: text/plain, Size: 388 bytes --]

Am Sonntag, 30. April 2017, 12:29:46 CEST schrieb Mart Raudsepp:
> 
> Please stop editing package lists when you are not the maintainer and
> arches are already CCed.
>

+1

Please stop it.
And yes that's also true for arch team members.

Package list is maintainer territory.

-- 
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer (council, perl, libreoffice)

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Paweł Hajdan, Jr.]

[-- Attachment #1.1: Type: text/plain, Size: 600 bytes --]

On 02/05/2017 02:31, Andreas K. Huettel wrote:
> Am Sonntag, 30. April 2017, 12:29:46 CEST schrieb Mart Raudsepp:
>> Please stop editing package lists when you are not the maintainer and
>> arches are already CCed.
> +1
> 
> Please stop it.
> And yes that's also true for arch team members.
> 
> Package list is maintainer territory.

Curious, what are the reasons and what changes people make that they
shouldn't?

I'm wondering if there's some solution to these issues (maybe better
documentation, or an alternative way of accomplishing what these people
try to do).

Paweł



[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 827 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Chí-Thanh Christopher Nguyễn]

Paweł Hajdan, Jr. schrieb:

>>> Please stop editing package lists when you are not the maintainer and
>>> arches are already CCed.
>> +1
>>
>> Please stop it.
>> And yes that's also true for arch team members.
>>
>> Package list is maintainer territory.
> Curious, what are the reasons and what changes people make that they
> shouldn't?
>
> I'm wondering if there's some solution to these issues (maybe better
> documentation, or an alternative way of accomplishing what these people
> try to do).

As dilfridge pur jer in CC, I guess that some of jer's changes to bugs 
were not welcomed by maintainers.

One recent example of non-maintainer activity in the package list field 
is bug 613104, where he just removed the entire package list (and then 
marked the bug WONTFIX).
Also very common is that he changes fully qualified package names (which 
is the correct syntax per [1]) into fully qualified package atoms (which 
is the legacy syntax). Bug 616260 is one such example.


Best regards,
Chí-Thanh Christopher Nguyễn

[1] https://bugs.gentoo.org/page.cgi?id=fields.html

Re: [gentoo-dev] Bugzilla package list editing

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 397 bytes --]

>>>>> On Tue, 2 May 2017, Chí-Thanh Christopher Nguyễn wrote:

> Also very common is that he changes fully qualified package names
> (which is the correct syntax per [1]) into fully qualified package
> atoms (which is the legacy syntax). Bug 616260 is one such example.

> [1] https://bugs.gentoo.org/page.cgi?id=fields.html

Can't the stable-bot enforce the correct syntax?

Ulrich

[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Andreas K. Huettel]

[-- Attachment #1: Type: text/plain, Size: 884 bytes --]

Am Dienstag, 2. Mai 2017, 14:32:13 CEST schrieb Ulrich Mueller:
> >>>>> On Tue, 2 May 2017, Chí-Thanh Christopher Nguyễn wrote:
> > Also very common is that he changes fully qualified package names
> > (which is the correct syntax per [1]) into fully qualified package
> > atoms (which is the legacy syntax). Bug 616260 is one such example.
> > 
> > [1] https://bugs.gentoo.org/page.cgi?id=fields.html
> 
> Can't the stable-bot enforce the correct syntax?

A little bird already mentioned to me that the stable bot ignores bugs filed by 
one particular developer, who insists to repeatedly fill in invalid data and 
can't be taught otherwise.

(And that's just about the maximum level of "enforcement" possible here. 
Should be effective on the long run though.)


-- 
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer (council, perl, libreoffice)

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Jeroen Roovers]

On Tue, 02 May 2017 14:32:13 +0200
Ulrich Mueller <ulm@gentoo.org> wrote:

> >>>>> On Tue, 2 May 2017, Chí-Thanh Christopher Nguyễn wrote:  
> 
> > Also very common is that he changes fully qualified package names
> > (which is the correct syntax per [1]) into fully qualified package
> > atoms (which is the legacy syntax). Bug 616260 is one such
> > example.  
> 
> > [1] https://bugs.gentoo.org/page.cgi?id=fields.html  
> 
> Can't the stable-bot enforce the correct syntax?

Correct syntax, you say?

[1] says:
"""
= Version Dependencies =
Sometimes a particular version of a package is needed. Where this is
known, it should be specified. A simple example:

DEPEND=">=dev-libs/openssl-0.9.7d"
"""

What happens when you want an exact version? Can you write

"""
DEPEND="dev-libs/openssl-0.9.7d"
"""

instead? (Don't answer that, keep reading.)


[2] says:
"""
       Atom Prefix Operators [> >= = <= <]
              Sometimes you want to be able to depend on general
       versions rather than specifying exact versions all the time.
       Hence we provide standard boolean operators:

              Examples:
                   >media-libs/libgd-1.6
                   >=media-libs/libgd-1.6
                   =media-libs/libgd-1.6
                   <=media-libs/libgd-1.6
                   <media-libs/libgd-1.6
"""


PMS does not define what a valid atom looks like, except that it
somehow doesn't describe atoms to begin with, apparently because that
has yet to be replaced with something better, or is perhaps up to the
PM to define. Where the PM is sys-apps/portage, the syntax that someone
with the correct privileges managed to add to bugs.gentoo.org without
any reconciliation with the community.

As long as this is not resolved:

   # emerge -vp net-misc/youtube-dl-2017.05.01
   !!! 'net-misc/youtube-dl-2017.05.01' is not a valid package atom.
   !!! Please check ebuild(5) for full details.

and as long as this works:

   # emerge -vp =net-misc/youtube-dl-2017.05.01

   These are the packages that would be merged, in order:

   [ebuild     U ~] net-misc/youtube-dl-2017.05.01::gentoo
   [2017.04.26::gentoo] USE="offensive {-test}"
   PYTHON_TARGETS="python2_7 python3_4 -python3_5 -python3_6B

   Total: 1 package (1 upgrade), Size of downloads: 0 KiB


I suggest these privileged people try to come to their senses and stop
appropriating bits of the Gentoo Project because of differences in
opinion.

I also suggest that the people who half finished the work on getting
the Package list going also finish the work and implement rigorous
checks for sys-apps/portage compliance, which would actually help
present automated target lists to test systems that don't need
any mangling, ever again.


plz,
     jer


PS: It might be a week before I feel like reading the "don't touch my
stuff" cabal again, so please don't mind if I happen to touch your
stuff while you work out what's wrong with your attitude.



[1]
https://devmanual.gentoo.org/general-concepts/dependencies/index.html
[2] https://dev.gentoo.org/~zmedico/portage/doc/man/ebuild.5.html

Re: [gentoo-dev] Bugzilla package list editing

[Mike Gilbert]

On Thu, May 4, 2017 at 11:42 AM, Jeroen Roovers <jer@gentoo.org> wrote:
> On Tue, 02 May 2017 14:32:13 +0200
> Ulrich Mueller <ulm@gentoo.org> wrote:
>
>> >>>>> On Tue, 2 May 2017, Chí-Thanh Christopher Nguyễn wrote:
>>
>> > Also very common is that he changes fully qualified package names
>> > (which is the correct syntax per [1]) into fully qualified package
>> > atoms (which is the legacy syntax). Bug 616260 is one such
>> > example.
>>
>> > [1] https://bugs.gentoo.org/page.cgi?id=fields.html
>>
>> Can't the stable-bot enforce the correct syntax?
>
> Correct syntax, you say?
>
> [1] says:
> """
> = Version Dependencies =
> Sometimes a particular version of a package is needed. Where this is
> known, it should be specified. A simple example:
>
> DEPEND=">=dev-libs/openssl-0.9.7d"
> """
>
> What happens when you want an exact version? Can you write
>
> """
> DEPEND="dev-libs/openssl-0.9.7d"
> """
>
> instead? (Don't answer that, keep reading.)
>
>
> [2] says:
> """
>        Atom Prefix Operators [> >= = <= <]
>               Sometimes you want to be able to depend on general
>        versions rather than specifying exact versions all the time.
>        Hence we provide standard boolean operators:
>
>               Examples:
>                    >media-libs/libgd-1.6
>                    >=media-libs/libgd-1.6
>                    =media-libs/libgd-1.6
>                    <=media-libs/libgd-1.6
>                    <media-libs/libgd-1.6
> """
>
>
> PMS does not define what a valid atom looks like, except that it
> somehow doesn't describe atoms to begin with, apparently because that
> has yet to be replaced with something better, or is perhaps up to the
> PM to define. Where the PM is sys-apps/portage, the syntax that someone
> with the correct privileges managed to add to bugs.gentoo.org without
> any reconciliation with the community.
>
> As long as this is not resolved:
>
>    # emerge -vp net-misc/youtube-dl-2017.05.01
>    !!! 'net-misc/youtube-dl-2017.05.01' is not a valid package atom.
>    !!! Please check ebuild(5) for full details.
>
> and as long as this works:
>
>    # emerge -vp =net-misc/youtube-dl-2017.05.01
>
>    These are the packages that would be merged, in order:
>
>    [ebuild     U ~] net-misc/youtube-dl-2017.05.01::gentoo
>    [2017.04.26::gentoo] USE="offensive {-test}"
>    PYTHON_TARGETS="python2_7 python3_4 -python3_5 -python3_6B
>
>    Total: 1 package (1 upgrade), Size of downloads: 0 KiB
>
>
> I suggest these privileged people try to come to their senses and stop
> appropriating bits of the Gentoo Project because of differences in
> opinion.
>
> I also suggest that the people who half finished the work on getting
> the Package list going also finish the work and implement rigorous
> checks for sys-apps/portage compliance, which would actually help
> present automated target lists to test systems that don't need
> any mangling, ever again.
>
>
> plz,
>      jer
>
>
> PS: It might be a week before I feel like reading the "don't touch my
> stuff" cabal again, so please don't mind if I happen to touch your
> stuff while you work out what's wrong with your attitude.

As far as I can tell, you are the only person who has a problem with
the package list format, and you refuse to adapt to it, or even talk
about it in reasonably.

Having a format that requires no mangling would also require that the
list be identical for all arches. That would mean filing separate bugs
for any difference in keywording across the entire package list; that
seems like quite a lot of work for little benefit.

The format is meant to be easy to mangle as-needed, not as a
straight-up copy/paste.

Re: [gentoo-dev] Bugzilla package list editing

[Ulrich Mueller]

[-- Attachment #1: Type: text/plain, Size: 1381 bytes --]

>>>>> On Thu, 4 May 2017, Jeroen Roovers wrote:

>        Atom Prefix Operators [> >= = <= <]
>               Sometimes you want to be able to depend on general
>        versions rather than specifying exact versions all the time.
>        Hence we provide standard boolean operators:

>               Examples:
>                    >media-libs/libgd-1.6
>                    >=media-libs/libgd-1.6
>                    =media-libs/libgd-1.6
>                    <=media-libs/libgd-1.6
>                    <media-libs/libgd-1.6

Irrelevant here. The package list in bugs is not a dependency
specification, but just a list of qualified package names and
versions.

> PMS does not define what a valid atom looks like, except that it
> somehow doesn't describe atoms to begin with, apparently because
> that has yet to be replaced with something better, or is perhaps up
> to the PM to define. [...]

PMS got rid of the ambiguous "atom" term 10 years ago, in favour of
"package dependency specification": https://bugs.gentoo.org/174322
That makes it much more clear where it is supposed to be used, namely
in dependencies. (Imagine that! :-)

> PS: It might be a week before I feel like reading the "don't touch
> my stuff" cabal again, so please don't mind if I happen to touch
> your stuff while you work out what's wrong with your attitude.

Not going to comment on this.

Ulrich

[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Lars Wendler]

[-- Attachment #1: Type: text/plain, Size: 1582 bytes --]

Hi,

On Tue, 2 May 2017 13:05:38 +0200 Chí-Thanh Christopher Nguyễn wrote:

>Paweł Hajdan, Jr. schrieb:
>
>>>> Please stop editing package lists when you are not the maintainer
>>>> and arches are already CCed.  
>>> +1
>>>
>>> Please stop it.
>>> And yes that's also true for arch team members.
>>>
>>> Package list is maintainer territory.  
>> Curious, what are the reasons and what changes people make that they
>> shouldn't?
>>
>> I'm wondering if there's some solution to these issues (maybe better
>> documentation, or an alternative way of accomplishing what these
>> people try to do).  
>
>As dilfridge pur jer in CC, I guess that some of jer's changes to bugs 
>were not welcomed by maintainers.
>
>One recent example of non-maintainer activity in the package list
>field is bug 613104, where he just removed the entire package list
>(and then marked the bug WONTFIX).
>Also very common is that he changes fully qualified package names
>(which is the correct syntax per [1]) into fully qualified package
>atoms (which is the legacy syntax). Bug 616260 is one such example.

I must admit that I did the same (changing full package names to full
package atoms). IIRC when these package lists were introduced this was
the only valid syntax and stable bot complained if it was not a package
atom.

>Best regards,
>Chí-Thanh Christopher Nguyễn
>
>[1] https://bugs.gentoo.org/page.cgi?id=fields.html
>

Kind regards
Lars

-- 
Lars Wendler
Gentoo package maintainer
GPG: 21CC CF02 4586 0A07 ED93  9F68 498F E765 960E 9B39

[-- Attachment #2: Digitale Signatur von OpenPGP --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Andreas K. Huettel]

[-- Attachment #1: Type: text/plain, Size: 1083 bytes --]

Am Dienstag, 2. Mai 2017, 13:05:38 CEST schrieb Chí-Thanh Christopher Nguyễn:
>
> Also very common is that he changes fully qualified package names (which
> is the correct syntax per [1]) into fully qualified package atoms (which
> is the legacy syntax). Bug 616260 is one such example.

That's one thing. And it's super annoying since the bugzilla e-mails try to 
provide a diff, but the result is for longer package lists unreadable and not 
helpful. 

Also, in some cases, additionally keywords were added and removed from the 
list without any further comment. Taking this possibility into account, one 
would have to check any BZ mail with a lot of attention. 

The much better alternative would be 
* Don't do any cosmetic changes. They are pointless for a bot-evaluated field.
* If you need additional keywords or want to drop something, leave one 
sentence on the bug with request and reason, and let maintainers sort out the 
package list field...



-- 
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer (council, perl, libreoffice)

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Andreas K. Huettel]

[-- Attachment #1: Type: text/plain, Size: 546 bytes --]

Am Dienstag, 2. Mai 2017, 18:27:58 CEST schrieb Andreas K. Huettel:
> 
> The much better alternative would be
> * Don't do any cosmetic changes. They are pointless for a bot-evaluated
> field. * If you need additional keywords or want to drop something, leave
> one sentence on the bug with request and reason, and let maintainers sort
> out the package list field...

Or  alternatively just un-cc your arch with "xxx is skipping this". 

-- 
Andreas K. Hüttel
dilfridge@gentoo.org
Gentoo Linux developer (council, perl, libreoffice)

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 981 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Jeroen Roovers]

On Tue, 2 May 2017 13:05:38 +0200
Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> wrote:

> One recent example of non-maintainer activity in the package list
> field is bug 613104, where he just removed the entire package list
> (and then marked the bug WONTFIX).

I've been in desktop-misc@ since at least October 2011. Additionally, I
explained to Harri Nieminen (Moiman) what was wrong with that bug
report, so I didn't "just" close the bug - I explained what was
happening to the packages that he does _not_ officially maintain.



Good luck with the cabal,
     jer

Re: [gentoo-dev] Bugzilla package list editing

[Mart Raudsepp]

Ühel kenal päeval, T, 02.05.2017 kell 02:31, kirjutas Andreas K.
Huettel:
> Am Sonntag, 30. April 2017, 12:29:46 CEST schrieb Mart Raudsepp:
> > 
> > Please stop editing package lists when you are not the maintainer
> > and
> > arches are already CCed.
> > 
> 
> +1
> 
> Please stop it.
> And yes that's also true for arch team members.
> 
> Package list is maintainer territory.

He keeps messing with this.
Can we please remove his editbugs privileges until he learns to be more
considerate towards others?

I'm sick and tired of seeing these non-maintainer package list editing
e-mails that I need to spend time on to validate what was changed
again.
As-is, one person is constantly generating lots of small amount of
extra checking work for everyone else due to being stubborn and not
simply prepending a = in front of the package list lines, if not
present yet, as he must have a script already to filter out the
packages that are needed for hppa (and no, it's not just a grep hppa).
(and it's not always just prepending of =, there can always be other
easter eggs in longer package lists without as much as a comment, as
many have experienced, so you do need to really carefully check what
the heck was changed again).


Mart

Re: [gentoo-dev] Bugzilla package list editing

[David Seifert]

On Wed, 2017-05-10 at 18:22 +0300, Mart Raudsepp wrote:
> Ühel kenal päeval, T, 02.05.2017 kell 02:31, kirjutas Andreas K.
> Huettel:
> > Am Sonntag, 30. April 2017, 12:29:46 CEST schrieb Mart Raudsepp:
> > > 
> > > Please stop editing package lists when you are not the maintainer
> > > and
> > > arches are already CCed.
> > > 
> > 
> > +1
> > 
> > Please stop it.
> > And yes that's also true for arch team members.
> > 
> > Package list is maintainer territory.
> 
> He keeps messing with this.
> Can we please remove his editbugs privileges until he learns to be
> more
> considerate towards others?
> 
> I'm sick and tired of seeing these non-maintainer package list
> editing
> e-mails that I need to spend time on to validate what was changed
> again.
> As-is, one person is constantly generating lots of small amount of
> extra checking work for everyone else due to being stubborn and not
> simply prepending a = in front of the package list lines, if not
> present yet, as he must have a script already to filter out the
> packages that are needed for hppa (and no, it's not just a grep
> hppa).
> (and it's not always just prepending of =, there can always be other
> easter eggs in longer package lists without as much as a comment, as
> many have experienced, so you do need to really carefully check what
> the heck was changed again).
> 
> 
> Mart
> 

He doesn't stop: https://bugs.gentoo.org/show_bug.cgi?id=617694
Please drop editbugs privileges for some time. Everyone agrees that
this maintainer-specific metadata is not to be touched.

Re: [gentoo-dev] Bugzilla package list editing

[Kristian Fiskerstrand]

[-- Attachment #1.1: Type: text/plain, Size: 934 bytes --]

On 05/10/2017 05:33 PM, David Seifert wrote:
> On Wed, 2017-05-10 at 18:22 +0300, Mart Raudsepp wrote:


>>
> 
> He doesn't stop: https://bugs.gentoo.org/show_bug.cgi?id=617694
> Please drop editbugs privileges for some time. Everyone agrees that
> this maintainer-specific metadata is not to be touched.
> 

I've actually spent some time looking into this and haven't actually
found any authoritative documentation that makes it maintainer-specific,
so I welcome some references to documentation that it is.

There is the bug wrangler project page, but that is project-specific and
not global.

Although it is certainly a good practice that maintainer acks
stabilizations; other projects routinely files stabilization requests,
in particular the security project.

-- 
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3


[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Michael Jones]

[-- Attachment #1: Type: text/plain, Size: 1818 bytes --]

From a non-gentoo developer who seriously looked at joining the community
over the last few years as a new developer, this entire conversation thread
is absurd, and is a wonderful example of why I decided to not bother.

If you don't want people to edit the field such that it's usable with the
official package manager of the distribution, then change the formatting
rules for the field!

If you don't want people editing a field, then change the software such
that groups who aren't allowed to edit the field aren't even capable of
editing it!

Either officially document the expected formatting and permissions, or put
automated enforcement rules into place. Throwing accusations of wrongdoing
around simply because the action in question generates an email is, again,
absurd.




On Wed, May 10, 2017 at 10:45 AM, Kristian Fiskerstrand <k_f@gentoo.org>
wrote:

> On 05/10/2017 05:33 PM, David Seifert wrote:
> > On Wed, 2017-05-10 at 18:22 +0300, Mart Raudsepp wrote:
>
>
> >>
> >
> > He doesn't stop: https://bugs.gentoo.org/show_bug.cgi?id=617694
> > Please drop editbugs privileges for some time. Everyone agrees that
> > this maintainer-specific metadata is not to be touched.
> >
>
> I've actually spent some time looking into this and haven't actually
> found any authoritative documentation that makes it maintainer-specific,
> so I welcome some references to documentation that it is.
>
> There is the bug wrangler project page, but that is project-specific and
> not global.
>
> Although it is certainly a good practice that maintainer acks
> stabilizations; other projects routinely files stabilization requests,
> in particular the security project.
>
> --
> Kristian Fiskerstrand
> OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
> fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
>
>

[-- Attachment #2: Type: text/html, Size: 2608 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Rich Freeman]

On Wed, May 10, 2017 at 2:17 PM, Michael Jones <gentoo@jonesmz.com> wrote:
> From a non-gentoo developer who seriously looked at joining the community
> over the last few years as a new developer, this entire conversation thread
> is absurd, and is a wonderful example of why I decided to not bother.
>
> If you don't want people to edit the field such that it's usable with the
> official package manager of the distribution, then change the formatting
> rules for the field!
>
> If you don't want people editing a field, then change the software such that
> groups who aren't allowed to edit the field aren't even capable of editing
> it!
>
> Either officially document the expected formatting and permissions, or put
> automated enforcement rules into place. Throwing accusations of wrongdoing
> around simply because the action in question generates an email is, again,
> absurd.
>

While the situation is indeed absurd, and this email will no doubt
only fuel your shock, the solution isn't quite that simple.

Validations probably would help, assuming they can be implemented in bugzilla.

Permissions are a touchy situation, because the person who is being
accused of incorrectly editing the field is also our main bug
wrangler, who probably does more bug editing than just about anybody
else.  So, removing their permissions also removes one of their main
areas of contribution to Gentoo.

One of the issues that keeps coming up is around just how
decentralized we are, and that has pros and cons.  We're pretty
reluctant to actually enforce just about anything, or sometimes we're
inconsistent (we let somebody post on the mailing lists, but not
github, and so on).

-- 
Rich

Re: [gentoo-dev] Bugzilla package list editing

[William L. Thomson Jr.]

[-- Attachment #1: Type: text/plain, Size: 667 bytes --]

On Wed, 10 May 2017 15:08:40 -0400
Rich Freeman <rich0@gentoo.org> wrote:
>
> One of the issues that keeps coming up is around just how
> decentralized we are, and that has pros and cons.  We're pretty
> reluctant to actually enforce just about anything,

Facts would show otherwise. Enforcement depends on the person.

> or sometimes we're inconsistent (we let somebody post on the mailing
> lists, but not github, and so on).

Or one is punished for things others are not. Even if other's actions
are far worse than those of the person being punished.

It is very much a clique.... And becoming more so by the day....

-- 
William L. Thomson Jr.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 195 bytes --]

Re: [gentoo-dev] Bugzilla package list editing

[Rich Freeman]

On Wed, May 10, 2017 at 3:24 PM, William L. Thomson Jr.
<wlt-ml@o-sinc.com> wrote:
>
> Or one is punished for things others are not. Even if other's actions
> are far worse than those of the person being punished.
>

Considering that we don't disclose whether anybody is punished or what
they're punished for publicly, this is not something that most people
are in a position to judge.

Hint: just because somebody says they're being punished for xyz
doesn't mean that they are.  If you cite an example which isn't
accurate, nobody in authority will confirm or deny it.

> It is very much a clique.... And becoming more so by the day....

Honestly, letting people talk on the lists endlessly about how much of
a clique Gentoo is will probably only lead to it becoming more of a
clique, because nobody new will want to join up.

-- 
Rich

Re: [gentoo-dev] Bugzilla package list editing

[Mart Raudsepp]

Ühel kenal päeval, K, 10.05.2017 kell 13:17, kirjutas Michael Jones:
> From a non-gentoo developer who seriously looked at joining the
> community over the last few years as a new developer, this entire
> conversation thread is absurd, and is a wonderful example of why I
> decided to not bother.

I agree that it's absurd to even have to have such a thread. But here
we are.

> If you don't want people to edit the field such that it's usable with
> the official package manager of the distribution, then change the
> formatting rules for the field!

The formatting rules are in place and well documented.
https://wiki.gentoo.org/wiki/Stable_request
It is clearly not meant for being passed directly to the package
manager, when the action will just error due to no relevant keywords
yet (you know, what the bug is about), and because it can optionally
list a restriction of arches for which a given line is meant for.

There is also a fully working parser that generates a proper chunk of
text out of it for a given arch (doing all the filtering to list only
the packages meant for that arch, guaranteeing = prefix while keeping
it on the bug more readable, etc) at
https://github.com/kensington/bugbot/blob/master/getatoms.py which
everyone else uses to great success, except one single person who
insists the format is something else than it is and spams us all with
changed that have to get reviewed or reverted by the maintainer (while
that change is not meant to happen in the first place after
architectures are CCed without going through maintainer) instead of
simply adjusting his own alternative scripts.

> If you don't want people editing a field, then change the software
> such that groups who aren't allowed to edit the field aren't even
> capable of editing it!

It is getting wrongly edited by a person who is a developer and
maintains packages of their own and theoretically should be able to
edit it for his own maintained packages STABLEREQ and KEYWORDREQ bugs,
and as a developer has editbugs privileges on bugzilla.

> Either officially document the expected formatting and permissions,
> or put automated enforcement rules into place. Throwing accusations
> of wrongdoing around simply because the action in question generates
> an email is, again, absurd.

The formatting is well documented. The permissions are just like they
have always been, and I'm pretty sure this is covered by even the
recruitment quizzes.

We are not in a position to have the time to teach bugzilla about what
developer maintains what, and what bug is about what package, to be
able to restrict this on a case by case basis.
Having to do that just because a single person doesn't play along is an
absurd requirement.

> On Wed, May 10, 2017 at 10:45 AM, Kristian Fiskerstrand
> <k_f@gentoo.org> wrote:
> > On 05/10/2017 05:33 PM, David Seifert wrote:
> > > On Wed, 2017-05-10 at 18:22 +0300, Mart Raudsepp wrote:
> > > He doesn't stop: https://bugs.gentoo.org/show_bug.cgi?id=617694
> > > Please drop editbugs privileges for some time. Everyone agrees
> > that
> > > this maintainer-specific metadata is not to be touched.
> > >
> > 
> > I've actually spent some time looking into this and haven't
> > actually
> > found any authoritative documentation that makes it maintainer-
> > specific,
> > so I welcome some references to documentation that it is.

I'm sorry that you can't find something written down that is extremely
common sense, and has always been like this.
Do you remember a non-maintainer going and attaching a new
stabilization list to a stabilization bug? Do you remember a non-
maintainer overriding a stabilization list given in a bug comment in a
way that architecture teams would actually consider this as what is to
be used, when manual finding of the correct list was needed from
comments?

This is nothing different, it's just easier to find and parse via
scripts.
Stabilization and keywording lists are the responsibility of the
relevant maintainers, not that of a single architecture. An
architecture team member may do something extra on their own
responsibility, but not change the list for all the other
architectures. Or force a re-review by the maintainers because you have
a different idea than everyone else (including the feature author) what
is correct format to have in it, or think some extra package is needed
without consulting the relevant maintainers and just add it to an
already ongoing stabilization bug (which gets handled by scripts by
others without noticing this change was done without authorization).

Something being easier (downloading previous attachment, changing it
and re-attaching is harder) doesn't mean the rules suddenly changed.


> > There is the bug wrangler project page, but that is project-
> > specific and
> > not global.

https://wiki.gentoo.org/wiki/Stable_request has been mentioned before
and discussed enough. I also wrote this thread before as a reminder, 
which everyone agreed to, except the one person that is stubborn and
has different ideas. Because of that, someone ELSE has to do the work
to stop one persons misguided stubbornness to break the workflow for
everyone else. Sorry, but that is not OK.

This new field and so on is an actual effort towards a better workflow.
The thing the working group you are leading was supposed to analyze and
come up with. This field is getting abused by a developer. I first
kindly asked to stop it, but it hasn't, so I ask for some sort of
action towards avoiding this field meant to help being made useless due
to unauthorized edits.

> > Although it is certainly a good practice that maintainer acks
> > stabilizations; other projects routinely files stabilization
> > requests,
> > in particular the security project.

And the security project doesn't change the stabilization list after it
has been ACKed by maintainer via CC'ing architecture teams, unlike what
we are talking about here. They usually don't even fill the
stabilization package list.
It is not a good practice to get an ACK for stabilization. It is a soft
requirement, unless maintainer timeout happens.
https://devmanual.gentoo.org/ebuild-maintenance/index.html#stabilizing-ebuilds
"The maintainer of the package should always be contacted just in case
there are reasons not to do so.", etc