Date: Wed, 5 Aug 2015 12:36:49 +0100 From: Matthew Seaman <matthew@freebsd.org> To: "Julian H. Stacey" <jhs@berklix.com>, freebsd-ports@freebsd.org Subject: Re: Self committing... allowed or not? Message-ID: <55C1F551.3020905@freebsd.org> In-Reply-To: <201508051051.t75Apc7X032698@fire.js.berklix.net> References: <201508051051.t75Apc7X032698@fire.js.berklix.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--WAe5gkDoG8rf5DUPwIrFMdG0K0jgiIF2r
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
On 08/05/15 11:51, Julian H. Stacey wrote:
> Matthew Seaman wrote:
>> On 04/08/2015 17:28, Loganaden Velvindron wrote:
>>> I would like to know how hard would it be for our FreeBSD experts to
>>> hack SVN to allow port maintainers commit to individual ports to spee=
d
>>> up the process :p ?
>>
>> Technically that's probably not too difficult. Debian has a system li=
ke
>> that, using PGP signatures for authentication, which we could probably=
>> steal^Wcopy without too much trouble.
>>
>> The real kicker though is about maintaining code quality. This is
>> pretty much why committers exist: they are people who have shown
>> competence in dealing with src / ports / docs whatever and have
>> demonstrated they can maintain standards. One of a committers primary=
>> functions is to either fix or get the submitter to fix problems with
>> submissions before committing.
>>
>> Now, it's almost certainly true that many port maintainers who aren't
>> already committers would be perfectly competent at updating their own
>> ports. Chances are though if such a maintainer has been sufficiently
>> active and has submitted enough to establish their competence then
>> they'd be a definite prospect as a full-blown committer anyhow. ie. if=
>> you're good enough to commit changes to your own ports, then you're
>> pretty much good enough to commit changes to any port, so you might as=
>> well have a ports commit bit.
>=20
> Number of commiters ? I vaguely recall about 300 or 400 ?
> {
> http://www.freebsd.org/doc/en_US.ISO8859-1/articles/contributors/staf=
f-committers.html
> Contains one friend who said he'd resigned his commit bit.
> So maybe list out of date.
> https://wiki.freebsd.org/BecomingACommitter
> http://www.freebsd.org/doc/en/articles/committers-guide/committer.typ=
es.html
> A quick skim shows no number
> }
https://svnweb.freebsd.org/ports/svnadmin/conf/access?revision=3D393512&v=
iew=3Dmarkup
Shows currently there are 281 ports committers
> Number of Ports Maintainers: 1567
> {
> cd /pub/FreeBSD/branches/-current/ports
> find . -type f -name Makefile | xargs grep MAINTAINER > /tmp/ports_na=
med
> find . -type f -name Makefile | xargs grep -h MAINTAINER > /tmp/ports=
_unnamed
> wc -l po*
> 24295 ports_named
> 24295 ports_unnamed
> sort ports_unnamed| uniq | grep @ ... a spot of vi trimming of space=
s tabs
> & ?=3D & =3D to reduce variance & allow uniq to strip more ...
> A few of those addresses will be @freebsd list names, & some people@f=
reebsd
> }
Yeah. Requests to set up 1500 new @FreeBSD.org accounts with SVN access
would certainly not make anyone popular with the accounts@... team. It
is going to be a royal PITA to keep that list up to date as maintainers
come and go, and as they change which ports they maintain and would
certainly result in a great deal of churn and extra complexity in
svnadmin/conf/.
I believe the way the Debian system works is that a correctly PGP signed
and formatted update message will be auto-committed by a bot, so the
administrative load for handling a setup where a port maintainer can
'commit' changes to their own ports consists of curating a gnupg keyring
with the approved maintainer keys and a bit of scripting to correlate
the allowed keys with the maintainer address and checking that they are
the maintainer for the port in question.
(Or we could just have a MAINTAINER_KEYS=3D0xcafebabefeedface variable
listing the allowed PGP keys directly in the port Makefile.)
Sure it's technically feasible, but unclear as to whether it's worth the
effort to set up or what benefits it would achieve in practice.
Cheers
Matthew
--WAe5gkDoG8rf5DUPwIrFMdG0K0jgiIF2r
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJVwfVYAAoJEABRPxDgqeTnOPUP/1LSfdKdC1pOz6Lu9QCpTEVy
LNFSLoiihp9haDURKy3I4321w7Tao15JPIC64isUr7DSmDcOSwBKnrDiDqc2Fjno
SNW1dQQ9n2oHpeHeiQJycul9+x+OOglqWFWbqN504fR/98b7BxVf9vP5NJ2J/Jww
EhLQwE4NpJtrf6/LbH14nnafdKTeRDkdGdy0cezXHZuo9vwGK8nwZ6xHQ/dsXeix
4vrD+/MEaRsQkG9NFK4DaPl+FkBygk5EUMOQZODZKamP/enk3CkN1OLUEP0sb+GO
yovjno91o2dEtER7d27qIjHKUpVvcy3FEG970nvAMd0XmxyeEqDhdMgwo8YGbeRP
ehyFQuWjBx0qBubedFNZLXd/RaB8JybF9O9JT0JQbniLbH7KDg2R9rm6XSUTwotA
9jyINUVcQATb4vZIRvz3ldmT17tqcbqZhC7Zk4rK7UCbnVPsbh/35k2497LbcCxa
xRp+os93BFlh7JlRJubtCZxeAhZCKgrLCIL+uh46MUqgo1KEjSdsdNCSkeTXsRP8
5dsRsbR6OMb0aaixhubXf1OLQU5hGkc2FyvEYU/yFRZEmn1SU/vArgGI8fzU0YME
MLmvtrfs+pOPAwUp2sMpKIxaH9SnpnYdwB9yZiluW2Q7+LZu8T0APZqU5BA6Zkyo
ULqsXS70F48eDfgdzoGR
=guuM
-----END PGP SIGNATURE-----
--WAe5gkDoG8rf5DUPwIrFMdG0K0jgiIF2r--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?55C1F551.3020905>