It has become abundantly clear that distribution maintainers should have
as few patches as possible. Patches waste time due to duplicate work,
resources (portage disk space and bandwidth), and as the Debian project
recently found out after a major vulnerability was discovered in the
OpenSSH packages (see http://www.milw0rm.com/exploits/6094, and
http://www.securityfocus.com/bid/30276 among others), they can become a
source of great embarrassment, and liability since they are not nearly
so well audited as code in heavily used mainstream projects (an
unintentional Cathedral if you will). I therefore propose the following
changes:
Patches in the metadata.xml should have some sort of status tracking for
each patch, repoman should flag any that don't, and warn on any that
have not been submitted upstream unless the status is signed off on by a
herd leader (such as Gentoo specific patches). This would provide visual
feedback for users and developers with regard to a pretty important
metric on how successful Gentoo is at getting patches pushed back to
developers.
Developers who consistantly clear a large quantity of patches upstream
should also be recognized in the Gentoo Monthly Newsletter, and
otherwise as appropriate.
Obviously the software needs to work, and therefore we need patches, but
Gentoo has not done enough to date to get them pushed upstream. Lets
look at some cringeworthy statistics on outstanding patches. (NB these
are only patches in portage, and not patches which don't meet portage's
maximum size)
app-accessibility 48 app-admin 178
app-antivirus 10 app-arch 101
app-backup 55 app-benchmarks 20
app-cdr 58 app-crypt 90
app-dicts 28 app-doc 26
app-editors 90 app-emacs 51
app-emulation 186 app-forensics 21
app-i18n 77 app-laptop 23
app-misc 181 app-mobilephone 34
app-office 64 app-pda 50
app-portage 36 app-shells 91
app-text 334 app-vim 13
app-xemacs 4 dev-ada 1
dev-cpp 30 dev-db 141
dev-dotnet 27 dev-embedded 17
dev-games 27 dev-haskell 12
dev-java 264 dev-lang 313
dev-libs 391 dev-lisp 112
dev-ml 15 dev-perl 78
dev-php 6 dev-php5 11
dev-python 202 dev-ruby 63
dev-scheme 37 dev-tcltk 33
dev-tex 24 dev-tinyos 3
dev-util 328 distfiles 26
eclass 21 games-action 58
games-arcade 76 games-board 58
games-emulation 88 games-engines 8
games-fps 58 games-kids 9
games-misc 15 games-mud 19
games-puzzle 65 games-roguelike 26
games-rpg 15 games-server 7
games-simulation 14 games-sports 17
games-strategy 54 games-util 31
gnome-base 45 gnome-extra 60
gnustep-apps 22 gnustep-base 3
gnustep-libs 9 kde-base 146
kde-misc 52 mail-client 71
mail-filter 49 mail-mta 21
media-fonts 5 media-gfx 188
media-libs 494 media-plugins 273
media-radio 2 media-sound 411
media-tv 44 media-video 253
metadata 72 net-analyzer 213
net-dialup 121 net-dns 45
net-firewall 33 net-fs 47
net-ftp 76 net-im 91
net-irc 68 net-libs 111
net-mail 113 net-misc 428
net-nds 11 net-news 16
net-nntp 21 net-p2p 67
net-print 49 net-proxy 53
net-voip 9 net-wireless 89
net-www 14 net-zope 6
perl-core 2 rox-base 11
rox-extra 6 sci-astronomy 32
sci-biology 32 sci-calculators 31
sci-chemistry 104 sci-electronics 21
