On Mon, 2020-01-06 at 14:48 -0500, Robbie Harwood wrote: > Miro Hrončok <mhroncok@xxxxxxxxxx> writes: > > > On 06. 01. 20 12:44, Peter Robinson wrote: > > > > > > As said in the e-mail, if you think the policy needs to be adapted, > > > > please discuss - I have made sure the recent changes in the policy > > > > are discussed with the community, especially since you were so angry > > > > when I followed the previous one. Unfortunately, there was no input > > > > from you when the policy was discussed, despite me repeatedly asking > > > > you to stop being angry at me and participate in the policy > > > > discussion instead. > > > > > > What recent discussions, I've not actually looked at a lot of Fedora > > > related stuff much since August because of constant travel and things > > > related directly to my $dayjob so I likely missed any of the > > > discussion if it's happened since then. > > > > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/NKFYAWL4GWYR37C6XA63JMNBZYEM6BI3/ > > > > > Angry, I wasn't angry, annoyed certainly. It does annoy me that we're > > > driving away packagers that have a little time here and there with > > > these policies, I feel we have too few contributors already and > > > aggressive policies and enforcement only make it worse. > > > > That's exactly why I want the policies less aggressive. A year + long > > FTBFS isn't aggressive in my POV. > > If you don't have the time to make a new build once every year, you > shouldn't be a packager, full stop. If this is too arduous a > requirement, I recommend getting involved with the efforts to improve > the packaging workflow. We are talking about crypto-related packages > here; being able to rebuild them and be confident in their contents is > arguably more important than any other kind of package. Anecdotally, > I've sent two non-responsive maintainer emails (both involving CVEs > which were fixed as a result). We're kind of litigating a Red Hat staffing issue as a Fedora policy argument here, aren't we? I mean, yes, obviously, we can't realistically remove shim from the distro (for a start it would mean we'd be violating our own release criteria, as those require boot on Secure Boot-enabled systems to work). But at the same time, it's pretty hard to argue that pjones is a sufficiently active maintainer of the things he's supposed to be maintaining. This is for perfectly good reasons, but that doesn't stop it being a problem. For me the obvious solution to this is: RH needs to hire someone to deal with the dull stuff pjones doesn't have time for. (That person needs to be trusted by all relevant entities for Secure Boot purposes too, I guess, which might make it slightly trickier, but still doesn't seem like an insuperable problem). -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
