On Mon, Nov 07, 2022 at 07:23:33PM -0500, Rich Freeman wrote: > On Mon, Nov 7, 2022 at 6:16 PM Sam James <s...@gentoo.org> wrote: > > > > > On 7 Nov 2022, at 06:07, Oskari Pirhonen <xxc3ncore...@gmail.com> wrote: > > > > > > On Sun, Nov 06, 2022 at 11:37:24 +0100, Piotr Karbowski wrote: > > >> I would be in favour of stepping up the social contract and actually > > >> prohibiting this kind of things, we had that before too, the nattka you > > >> mgorny wrote is replacement for old bugzilla bot that was ... > > >> closedsource and perished, though nattka now have way more features than > > >> the old thing ever had. > > > > > > As a user, I think it would be really cool if there was a requirement > > > that all infra and infra-adjacent stuff was free software. > > > > > > I feel like I've read that Debian already has something like this. While > > > doing some quick searches I didn't find a full-on requirement, but all > > > their infra bits I did find were powered by free software. The most > > > relevant ones being buildd [1] and debci [2]. Additionally, the debci > > > docs has inctructions on reproducing tests yourself [3] which is a nice > > > extra IMO. > > > > Gentoo has > > https://www.gentoo.org/get-started/philosophy/social-contract.html. > > I feel like something like a dev-run tinderbox is a bit out of the > scope of that. > > Suppose I file a bug against a package, pointing out some issue in it. > How do you know I didn't use some proprietary static code analysis > tool to discover that error? Does it even really matter? The bug > speaks for itself. It is like worrying about whether somebody who > filed a bug was running Windows or another proprietary OS or browser > on their desktop. > > Well, a tinderbox is just an automated process for doing just that. > We don't require any dev to use a proprietary tinderbox before > committing. It is something that individual devs choose to use for > themselves, automating the testing workflow and possibly the > submission of bugs. > > I think the key is something that was brought up earlier in the > thread: is this causing problems? If somebody is running some tool > against the repository and automatically filing bugs, and those bugs > are not useful/actionable and waste the time of volunteers, then that > is a problem. Proprietary tools do contribute to this since they can > generate results that are harder to reproduce, but if they are clear > and accurate and actionable it could still be a net-positive.
In some cases, yes, this is exactly the problem. This was one of the bugs reported in the now-deleted issue tracking repository on Github. > Of course if somebody wants to contribute to 100% FOSS tinderbox > efforts that would be even better. Perhaps if our 100% FOSS tinderbox > efforts addressed our needs very well, then nobody would want to > bother with the proprietary reports, or generating them. IMO it would > be better to create the FOSS solution before abandoning the > proprietary one. Doing otherwise is basically burning bridges - it > can be motivating in a sense but not really ideal. I'd love to have a > 100% FOSS solution around all of this, but I appreciate what has been > created and can hardly criticize volunteers for failing to make it > happen, especially since I haven't contributed to that myself. > > -- > Rich >
signature.asc
Description: PGP signature