On Wed, 2006-08-30 at 13:47 -0800, Jeff Spaleta wrote: > On 8/30/06, Josh Boyer <jwboyer@xxxxxxxxxxxxxxxxxx> wrote: > > That puts the onus on the maintainers to go look and doesn't make it > > required. And if nobody goes and looks at the results... I guess it's > > no different than how things exist today in that regard :). > > > We will need a metric to see how much its being used. If Fedora > resources are going to be used to keep the service running into the > future (manpower or infrastructure), you want to make sure that its a > cost-effective tool in the long run. We want to be in a position in a > year or so to evaluate whether or not its worth expending resources > based on how much value we are actually deriving from this > information. To do that we are going to have to have some metric by > which to track how many maintainers use this, and the quality of the > usage as it translates into changes in packages. If very few > maintainers are using the information being collected a year from now, > then a decision will have to be made as to whether or not the > resources being expended to keep the scannning operational is worth > it. Metric: Compare # of packages that have coverity bugs opened by their maintainers vs. number of packages coverity runs on. > > Personally, I'd like some clarity as to whether or not the software > needed to run this..service.. is going to be housed on Fedora > controlled infrastructure or not. Being a zealot, I would be somewhat > unhappy if proprietary tools, even optional ones, were running on > Fedora dedicated infrastructure. I'd be more at peace with this if the > hardware running these scans was on Coverty owned servers and they > were donating this service to the Fedora project in a way that Fedora > did not have to directly host or maintain any proprietary software > internally. I feel its very important that we continue to work > towards a fully open set of internal project tools, that can be > replicated and adapted by other open source community members, but I > don't have any problem at all with someone else volunteering to > provide outside proprietary services which we have no direct > involvment with other than sending our data over the wire. That way, > if people in the open source community want to focus their attention > and provide a completely open solution in the future, they will have > equal footing to gain access to the required data to provide a > similair competing service. I fear if Fedora instrastructure > resources are dedicated to running proprietary tools, even optional > tools, that decision will impact the ability for Fedora to adopt open > solultions in the same problem space in the future due to > infrastructure constraints. *sigh* Let's not forget that the Core buildsys _is_ proprietary. Brew has not been open sourced. josh -- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
