On Thu, 2020-09-17 at 13:30 -0400, Stephen John Smoogen wrote: > On Thu, 17 Sep 2020 at 12:53, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> > wrote: > > > On Fri, Sep 11, 2020 at 11:01:00AM -0700, Adam Williamson wrote: > > > If one of the issues here can be stated as "we want buildroot-only > > > packages because we don't want to maintain those packages to a high > > > standard", it is demonstrably a viable choice within Fedora to just > > > *not maintain those packages to a high standard*. Maybe we wish it > > > wasn't the case, but this is a thing that happens all the time. We have > > > > YES. In fact, *labeling* this is explicitly one of the things I wanted from > > modularity. I have a slide about this in one of my talks even, although I > > can't find it right now. The upshot is: packagers care about the software > > they want to run, and package up and maintain deps either because they want > > to do the right thing and be helpful -- or because they have to. > > > > I mean, some of y'all like to maintain and keep obscure dependency packages > > up to date just for their own sake, and that's *awesome* -- but we just > > can't hold everyone to that standard. At least, not if we want more than a > > few dozen packagers. So the *idea* was that modularity would let anyone > > express "I need these packages as dependencies, but I don't have the cycles > > to maintain them" -- not because that's an awesome situation, but because > > it's the reality and the status quo for a lot of things. > > > > Sooooo: RH Java packagers, what if you build these packages as non-modular > > (maybe using some scripting to make it happen at the same time as modular > > builds?) and add a readme explaining their maintenance state? I think > > that'd > > be preferable to where we are now, and it gets us to the next thing: > > > > * you could still help update and maintain these as time and inclination > > allows without feeling pressure, and... > > > > * rather than needing to do duplicative work all alone, the stewardship SIG > > could focus on serious security issues and high-priority bugs in this > > package set. > > > > That way, the application ecosystem would be available, the build deps > > would > > be there, and, actually, because of the collaboration, you wouldn't need to > > feel guilty about package maintenance state. > > > > > > What am I missing with this? > > > > > > > Those packages get bugs and bugzilla is a monkey on the back of every > packager.. having a ton of packages which you know you aren't going to fix > but are still going to get bugs on with the conversation going like: > 'its broke' > 'yes I know its broke.. I just need the header files' > 'well I need it to work' 'well fix it yourself' > 'no that is your job.. it says you OWN THE PACKAGE'. > 'I just own it to build foobar' > 'too bad.. i am taking this to lwn/slashdot/twitter/reddit' The alternative to this is: 'its broke' <silence> This accounts for about 50% of our bugs at any given time. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
