On Sun, Jul 22, 2018 at 03:35:52PM -0400, Santiago Torres-Arias wrote: > Hello everyone, > > Formalities first, Christian Rebischke (Shibumi) is sponsoring my application, > although I'd like to thank so many people for their feedback, help, guidance > and counsel in all-things-Arch*. > > My name is Santiago Torres-Arias[1], and I'm a Mexican PhD candidate > from New York University. My research focuses on securing the dev-ops > pipeline/supply chain, which includes work on package manager security, > version control system security, securing container orchestrators, > reproducible builds, so on and so forth. It is not a coincidence that > all of these relate strongly with Linux; I believe the Linux environment > pretty much shaped my professional career since I was in High School. > > I've been a GNU/Linux user for more than I can remember, although I started > using it exclusively circa 2011. I started using Debian, Mint and Ubuntu > interchangeably for a couple of years and, as time passed, I started to > develop > personal scripts and unscrew my deterministically-broken distro (I still > remember my hook to fix the fglrx install every time X was updated). This > experience threw me to the other side, and for a while I thought I could > maintain my own LFS-based distribution with scripts of this sort, which led me > to learn a lot about what *not* to do when managing packages. However, It was > when I finally decided to give Arch a serious try (around 2014) that I found > myself enamored with not only the toolchains, but the community and the > philosophy behind the distribution --- I'm now a strong supporter of the > Arch Way(tm) thanks to all the leasons learned through the winding roads > of linux-system-administration. > > Although I've always been an assiduous user of the AUR, not only using but > writing my own PKGBUILDs, It was only until recently (about 8 months now), > that > I've been working towards becoming more familiar with the package ecosystem > with the end goal of becoming a TU. I've received feedback from many members > on > the community on how to fix, extend and follow best practices on writing > PKGBUILDS which I believe has improved their quality[2]. > > Besides maintaining packages I've been contributing to other aspects of > the Arch Linux ecosystem for about three years now. I've participated in > the security team almost since its inception, by providing code to the > tracker, tracking CVE's and sending advisories. Likewise, I've been a > tester for more than a year. I've also participated (although not as > much as I've wanted) on the archlinux-reproducible efforts. Finally, > I've worked along with shibumi and Pierre in making an automated build > of an official Archlinux Docker image. Beyond Arch Linux, I'm a > committer to projects like reproducible-builds.org[3], Briar[4], > neomutt[5], and The Update Framework (TUF)[6], among others[7]. > > There are two main reasons for this application to become a TU. First, I want > to > contribute *more* to a community that has given me so much, and I'm certain > that helping packaging tools for everyone in the community repository will > only > improve the overall user experience. Second, and most importantly, I want to > expand the offer of packages in the official repositories. > > Concretely, I want to maintain the following packages: > > - Orphaned packages (I'm a regular user of these): > - giblib (currently on extra) > - python-pylint (currently on extra) > - uthash > - znc > - cvf > - netctl (?! currently on core, so I suspect I can't maintain this > one) > - python-opencl/pyopencl-headers > > - I'd love to co-maintain some packages that have a packager right now**: > - radare-cutter > - hub > - rtl-sdr > - maven > > - I intend to move the following packages from the AUR: > - reprotest > - git-latexdiff > - python-rstr > - python2-grip > - inxi > - plex-fonts > > Needless to say, I'm open to discussion on this list. I can extend it with any > suggested packages, or discard any packages that aren't deemed popular enough. > > On a less technical, serious note, I love playing guitar! I have a band > and we play progressive, shoegaze, and math-rock. I also like cycling, > and reading on pretty much anything. I'm a Rust fanboy and I'm > re-learning Verilog, as I'm hoping to play around with the RISC-V ISA > and emulate TPM's and other trusted hardware designs. > > Thanks, > -Santiago (Sangy) Torres-Arias > > [1] https://badhomb.re > [2] https://aur.archlinux.org/account/sangy > [3] https://reproducible-builds.org > [4] https://neomutt.org/feature/new-mail#7-%C2%A0credits > [5] https://briarproject.org > [6] https://theupdateframework.com > [7] https://github.com/santiagotorres > > * Thanks to eschwartz, shibumi, anthraax, jelle, rgacogne, Foxboron, pid1, > Tigrmesh, meskarune et al.! > ** This is the first time I make this public, so there's no commitment from > the current packager at all
Hello everybody, I confirm my sponsorship for sangys application. Let's begin the discussion period. chris
signature.asc
Description: PGP signature
