[clc-devel] Ports reorganisation?

Simone Rota sip at varlock.com
Tue Jan 13 16:53:58 UTC 2004

On Fri, 2004-01-09 at 10:40, Johannes Winkelmann wrote:
> Hello,

> I've discussed with Jürgen and Martin regarding unmaintained, and I now
> think that we should keep it and define a procedure to allow submission
> of changes back to it. This is because of the higher level of trust
> because someone from CLC at least _looked_ at it ("many eyes" as Martin
> called this). IMHO this is a very good argument.
> The important thing here is to make sure that applying submitted changes
> is really simple and that a lot of checks are done by scripts (e.g.
> footprints).

> I just think we should first of all open unmaintained for contributions
> so people don't duplicate newer versions of these ports in their httpup
> repos. Then we should try to propagate httpup repositories with a
> certain standard (e.g. no dups). I could even imagine to have to kind of
> "clc-contrib" subproject, which fetches the httpup repositories from the
> respective httpup maintainers and serves it as a single httpup repo.
> This would also be the place to recruit new maintainers.
> Of course, this is probably quite some work, and we lose the "many eyes"
> advantage.

Sorry for replying a little late, I was reading some comment about
arch linux yesterday (don't remember where, sorry. Maybe osnews.com).
I think they've a public Incoming collection or something similar;
maintainers periodically check ports submissions
and updates in this incoming collection and eventually transfer
them to unmaintained.
To me it sounds a nice system. The first maintainer that has some
spare time could do a quick check on the incoming collection
and transfer good ports.

A question arise: what to check? Since after all that ports will be
transferred to unmaintained (or 3rdparty or some other name), I suggest
maintainers should only check for a couple of security aspects:
- sources are retrieved from a proper url.
- no malicious stuff in Pkgfile "build" function.
IMHO If the port doesn't build or there are footprint issues
we should leave the users / casual contributors the task
to submit a patch to the packager or directly to the
incoming dir.

> And finally I'd keep the policy that ports from unmaintained should
> automatically lose their UNMAINTAINED tag when not touched for
> $SOME_TIME. Like this, only actively used ports remain in our collections.
> Of course, there should be a warning mail to a mailing list ("port XY is
> about to be removed from unmaintained").

Good idea, the only suggestion I have is to send
a cumulative mail  periodically (every x months)
instead of each time a port is "expiring":
Warning: the following ports will be removed: a,b,c...

> Looking forward to some more comments,
> Best regards Johannes

I hope we can find some good implementation of
the ideas coming up from this ML; I also hope
to have some more time in a month or so* to give
some help if needed.

Simone Rota           WEB : http://www.varlock.com
Bergamo, Italy        MAIL: sip at varlock.com

* My next exams dates:
26.01 - 28.01 - 30.01 - 02.02 - 04.02 - 05.02
more to come on Feb 07..21. sic.

More information about the crux-devel mailing list