Date: Sun, 31 Jul 2005 17:21:42 +0430 From: Babak Farrokhi <bfarrokhi@gmail.com> To: pav@freebsd.org Cc: ports@freebsd.org, Mark Linimon <linimon@lonesome.com> Subject: Re: New port with maintainer ports@FreeBSD.org [was: Question about maintainers] Message-ID: <9f7e126b05073105517b60d83f@mail.gmail.com> In-Reply-To: <1122807251.24300.22.camel@ikaros.oook.cz> References: <66A226C3557B48ED535E3FED@utd59514.utdallas.edu> <20050728170401.GA9534@soaustin.net> <20050728172249.GD66015@isis.sigpipe.cz> <20050728175142.GA11503@soaustin.net> <20050728225650.GE66015@isis.sigpipe.cz> <20050729020225.GA28471@soaustin.net> <20050729102158.GA73490@isis.sigpipe.cz> <20050729203324.GA19476@soaustin.net> <9f7e126b050730124130c9bf87@mail.gmail.com> <1122807251.24300.22.camel@ikaros.oook.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Pav, On 7/31/05, Pav Lucistnik <pav@freebsd.org> wrote: > > > > Let me give you an example: I am the maintainer for www/eventum. The > > current version in ports tree was 1.5.4 so I submitted the patch for > > 1.5.5 (ports/84297) and now version 1.6.0 is out but the patch is not > > submitted despite I was the maintainer myself. >=20 > Submitted on Friday, complained about it on Saturday? My bad. You are right. I really didn't notice the date while I originally had ports/83960 in mind to give as example. >=20 > We just don't have a _manpower_ to process all incoming PRs in 24 hours > after arrival timeframe. Your simple update of eventum took me 20 > minutes to fix, test and commit. I have it pretty extensively automated. > New ports usually takes longer, depending on how much committer have to > fix. Trust me, some submissions are really useless. >=20 > Should we just kill those? I believe not. >=20 > Now take a look at http://www.oook.cz/bsd/prstats/busters-ports.html > those are numbers of closed PRs in past 3 months. That gives me > 8 PRs/day. In practice I'm spending some four hours a day on it. > I got a paid fulltime job I have to do, and I also got some non-FreeBSD > pasttime activities, commonly called "a life". I am a ports freak and I always have a freshports.org rss feed to track ports changes as well as submitting updates and patches. It is obvious that ports team is doing a very good job with testing and fixing submissions. I personally learn too many things when you clean up the code before submission and I would like to thank you for the good job. (e.g. ports/84297). You are teaching people to submit cleaner codes and hopefully become commiters to help the project. I hope I can help someday. =20 >=20 > The point here is to view the situation from the standpoint of > committers. No one here can be doing this full-time. And people are > doing this for fun, don't forget. >=20 > Now a lot of committers spend a lot of time maintaining their own ports, > which are often complex and heavinly used. >=20 > What we could really use be some dedicated people with a lot of free > time and a good skill in ports. Those people are hard to find. >=20 > > Another example: I submitted patch to update editors/vim to patchlevel > > 79, now this version is vulnerable to arbitrary command execution > > according to CAN-2005-2368. So I submitted the patchlevel 85 > > (ports/84145) and also notified security-team@. But the port is still > > awaiting approval. >=20 > Well yes, it was three days old when you urged this at secteam. They > decided to wait on maintainer instead of rushing it in, as the > vulnerability is not that severe. >=20 > > There is really something wrong with the port management process. > > People's work is not being respected. So how do I get encouraged to > > submit my patches? >=20 > Now you cut yourself with double-edged sword. You want us to respect > your submission by not respecting O'Brien's maintainership? >=20 There is no point to bypass the maintainer approval except in emergency cases which does not apply to my submission to this port. However I only contacted secteam to notify them of the vulnerability and speed up the process (like I already did for ports/83006). I just thought maybe its a good idea to reduce the maintainer-timeout for security patches. > -- > Pav Lucistnik <pav@oook.cz> > <pav@FreeBSD.org> >=20 > And now something completely different. >=20 >=20 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (FreeBSD) >=20 > iD8DBQBC7K3TntdYP8FOsoIRAlu8AKCYgPe1kdvxYDbASRbeeQ4bHjMBUgCgkU5m > DXa66FdpBLkITcUydWM709E=3D > =3DpU33 > -----END PGP SIGNATURE----- >=20 >=20 >=20 --=20 Babak Farrokhi email: babak@farrokhi.net web: http://farrokhi.net/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9f7e126b05073105517b60d83f>