Re: amending the new package process
On Monday, 23 February 2015 at 03:27, Orion Poplawski wrote: On 01/23/2015 04:32 PM, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understanding is that it depends on how interesting the package is, how many packagers you know, or whether you enter the review swap market. Indeed, the review process is the main roadblock to getting things done in Fedora. IMHO, one easy solution to alleviate the problem would be to let experienced packagers (ones that are provenpackagers and/or packager sponsors) import their packages without a review (or with a self-review). We already trust these packagers to know what they're doing, and in particular, to know the packaging guidelines. So they should be perfectly able to verify the compliance of their own packages on their own. Doing this would clear a significant portion of the review queue instantly, and free up valuable reviewer time for those packages that really do need reviewing, those coming from new packagers. In many Free Software projects (e.g., GCC, KDE, etc.), the people who are allowed to approve other people's commits can also approve their own. Sure, there are others that insist (like us) on peer review by a second person, but those typically suffer from the same issue we do (stalled reviews all over the place). I'm a PP and a sponsor, and people still catch mistakes in reviews of my packages. Maybe I shouldn't be a PP/sponsor then, but there it is. Everybody makes mistakes, even PPs and sponsors. Trivial mistakes like typos or copypaste errors are easy to make and often difficult to spot. That's why having another person look at your package is vital. Also, doing away with reviews for packages submitted by existing packagers would remove the incentive for swap reviews for them. Regards, Dominik -- Fedora http://fedoraproject.org/wiki/User:Rathann RPMFusion http://rpmfusion.org Faith manages. -- Delenn to Lennier in Babylon 5:Confessions and Lamentations -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 01/23/2015 04:32 PM, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understanding is that it depends on how interesting the package is, how many packagers you know, or whether you enter the review swap market. Indeed, the review process is the main roadblock to getting things done in Fedora. IMHO, one easy solution to alleviate the problem would be to let experienced packagers (ones that are provenpackagers and/or packager sponsors) import their packages without a review (or with a self-review). We already trust these packagers to know what they're doing, and in particular, to know the packaging guidelines. So they should be perfectly able to verify the compliance of their own packages on their own. Doing this would clear a significant portion of the review queue instantly, and free up valuable reviewer time for those packages that really do need reviewing, those coming from new packagers. In many Free Software projects (e.g., GCC, KDE, etc.), the people who are allowed to approve other people's commits can also approve their own. Sure, there are others that insist (like us) on peer review by a second person, but those typically suffer from the same issue we do (stalled reviews all over the place). Kevin Kofler I'm a PP and a sponsor, and people still catch mistakes in reviews of my packages. Maybe I shouldn't be a PP/sponsor then, but there it is. -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA DivisionFAX: 303-415-9702 3380 Mitchell Lane or...@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 01/25/2015 08:19 AM, Zbigniew Jędrzejewski-Szmek wrote: On Sat, Jan 24, 2015 at 12:32:55AM +0100, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understanding is that it depends on how interesting the package is, how many packagers you know, or whether you enter the review swap market. Indeed, the review process is the main roadblock to getting things done in Fedora. IMHO, one easy solution to alleviate the problem would be to let experienced packagers (ones that are provenpackagers and/or packager sponsors) import their packages without a review (or with a self-review). I doubt that pp and sponsors have packages stuck in the review queue. Those people have to communicate with other people in Fedora a lot, so attracting some attention to a review ticket should not be hard. Do you have any examples? I do still just toss many reviews onto the queue just to see if any ever get picked up. Some do, many don't. But you are correct, if any of them were particularly critical I would just ask for a review on the list. But it does show that putting stuff on the queue doesn't work very well. -- Orion Poplawski Technical Manager 303-415-9701 x222 NWRA/CoRA DivisionFAX: 303-415-9702 3380 Mitchell Lane or...@cora.nwra.com Boulder, CO 80301 http://www.cora.nwra.com -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 01/24/2015 07:14 PM, Kevin Kofler wrote: Ralf Corsepius wrote: This is not entirely true. GCC and related projects apply a pretty complex peer review process, with defined roles and privileges. (Cf. the file MAINTAINERS in GCC's sourcetree for details). Somewhat over-simplified the process condenses into All proposed changes must be peer-reviewed by somebody who is formally in charge of a component to be changed. Exceptions apply for obvious changes. It has been a while since I have last been following the GCC mailing lists (so this may or may not have changed since then), but at least back then, a maintainer for a given part of GCC was allowed to commit to that part of GCC without having it reviewed by a second person, and a global maintainer was allowed to commit to ANY part of GCC without having it reviewed by a second person. If you were allowed to approve other people's commits, you were also allowed to approve your own. There were also people only allowed to write after approval, but that was only the default/least-trusted level of commit access granted, and write after approval developers were also not allowed to review other people's submissions (unlike our system where any packager can review other packager's submissions, but never their own). Has this changed since? No. It is as you describe. Andrew. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Fri, Feb 13, 2015 at 11:55:02AM +, Andrew Haley wrote: On 01/24/2015 07:14 PM, Kevin Kofler wrote: Ralf Corsepius wrote: This is not entirely true. GCC and related projects apply a pretty complex peer review process, with defined roles and privileges. (Cf. the file MAINTAINERS in GCC's sourcetree for details). Somewhat over-simplified the process condenses into All proposed changes must be peer-reviewed by somebody who is formally in charge of a component to be changed. Exceptions apply for obvious changes. It has been a while since I have last been following the GCC mailing lists (so this may or may not have changed since then), but at least back then, a maintainer for a given part of GCC was allowed to commit to that part of GCC without having it reviewed by a second person, and a global maintainer was allowed to commit to ANY part of GCC without having it reviewed by a second person. If you were allowed to approve other people's commits, you were also allowed to approve your own. There were also people only allowed to write after approval, but that was only the default/least-trusted level of commit access granted, and write after approval developers were also not allowed to review other people's submissions (unlike our system where any packager can review other packager's submissions, but never their own). Has this changed since? No. It is as you describe. No, we don't have global maintainers for quite a few years, only global reviewers who aren't allowed to approve their own changes. And, while we have various maintainers that for some part of code are allowed to approve their own changes, we have also many reviewers of particular parts of code that can approve only changes from other people but not their own. Jakub -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Sat, Jan 24, 2015 at 12:32:55AM +0100, Kevin Kofler wrote: Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understanding is that it depends on how interesting the package is, how many packagers you know, or whether you enter the review swap market. Indeed, the review process is the main roadblock to getting things done in Fedora. IMHO, one easy solution to alleviate the problem would be to let experienced packagers (ones that are provenpackagers and/or packager sponsors) import their packages without a review (or with a self-review). I doubt that pp and sponsors have packages stuck in the review queue. Those people have to communicate with other people in Fedora a lot, so attracting some attention to a review ticket should not be hard. Do you have any examples? We already trust these packagers to know what they're doing, and in particular, to know the packaging guidelines. So they should be perfectly able to verify the compliance of their own packages on their own. Doing this would clear a significant portion of the review queue instantly, and free up valuable reviewer time for those packages that really do need reviewing, those coming from new packagers. You're probably right a self-review would be sufficient in a great majority of cases, but let's check that it's actually necessary first. Zbyszek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
- Original Message - I think the last bullet point here is the important part. I understand the disposition for a technical solution, but someone that just drops their package in - even after two months - isn't really getting a sense of community out of the experience. The process as-is, while it can be frustrating for all the reasons described, encourages new contributors to get acquainted with their fellow packagers and their sponsors. I'm not suggesting a de facto you must be sociable to be a Fedora Packager, but the process does reinforce that you're not alone when you get stuck, and you're not so isolated that nobody cares if you make a mistake. The informal reviews, irc chats, and list mails don't just garner experience; they help develop a sense of participation, and that leads to greater contributor retention. I believe we are talking past each other. My point is * The process doesn't work and your reply is: * The process was designed with good mindset, and should help everyone become better acquanted with Fedora. The latter are intentions and side effects which are good, _if and only if_ the process works well, which is not the case here. Maybe some list or other communication channel that's more clearly for packaging issues - I'm told devel@ can be intimidating - would help, but I'm not really suggesting anything specific. Everyone in the thread here, and probably far more, have answered inane questions from me at one time or another :P Sometimes more process and more guides can help, and sometimes you just need to bounce your understanding of the subject off someone to clear up misconceptions and gain a little confidence. That part isn't broken, but maybe new packagers don't know it. The issue I'm trying to point is not lack of communication or getting informal reviews. The issue I'm trying to point is about getting _formal_ reviews, or to simply, to get the job done. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
- Original Message - 2015-01-21 11:49 GMT+01:00 Nikos Mavrogiannopoulos n...@redhat.com: Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. I share your concern about the pending list but self-review is not acceptable. Just licensing review itself would be a blocker to your proposal. I don't understand what you mean above. But if we were to have a staging repository as suggested by Josh and Jaroslav, it could be something that we could consider. I believe it is really orthogonal to the issue. A staging repository will not solve the issue of adding a library which is a dependency of a package in Fedora proper. Moreover if it works better than the process we currently have, we end up having the staging repository always being added by the users, defeating the purpose of the processes we set. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 01/24/2015 12:32 AM, Kevin Kofler wrote: In many Free Software projects (e.g., GCC, KDE, etc.), the people who are allowed to approve other people's commits can also approve their own. This is not entirely true. GCC and related projects apply a pretty complex peer review process, with defined roles and privileges. (Cf. the file MAINTAINERS in GCC's sourcetree for details). Somewhat over-simplified the process condenses into All proposed changes must be peer-reviewed by somebody who is formally in charge of a component to be changed. Exceptions apply for obvious changes. Ralf -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
PT == Pete Travis li...@petetravis.com writes: PT Maybe some list or other communication channel that's more clearly PT for packaging issues - I'm told devel@ can be intimidating - would PT help, but I'm not really suggesting anything specific. Just to be sure, you do know about packag...@lists.fedoraproject.org, right? I can't think of any list that's more clearly for packaging issues. It's there and it's active. Or did you mean something for new packagers? I'd be happy to be on that one, too. - J -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
Ralf Corsepius wrote: This is not entirely true. GCC and related projects apply a pretty complex peer review process, with defined roles and privileges. (Cf. the file MAINTAINERS in GCC's sourcetree for details). Somewhat over-simplified the process condenses into All proposed changes must be peer-reviewed by somebody who is formally in charge of a component to be changed. Exceptions apply for obvious changes. It has been a while since I have last been following the GCC mailing lists (so this may or may not have changed since then), but at least back then, a maintainer for a given part of GCC was allowed to commit to that part of GCC without having it reviewed by a second person, and a global maintainer was allowed to commit to ANY part of GCC without having it reviewed by a second person. If you were allowed to approve other people's commits, you were also allowed to approve your own. There were also people only allowed to write after approval, but that was only the default/least-trusted level of commit access granted, and write after approval developers were also not allowed to review other people's submissions (unlike our system where any packager can review other packager's submissions, but never their own). Has this changed since? Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Fri, Jan 23, 2015 at 03:15:10AM +0100, Haïkel wrote: 2015-01-21 11:49 GMT+01:00 Nikos Mavrogiannopoulos n...@redhat.com: snip Besides, some submitters do not try hard enough to find reviewers: * some reviews do not provide usable links to spec and srpm breaking usage of semi-automated reviewing tool. The more information you give to the reviewer, the more likely it will get reviewed fast. I've noticed a lot of reviews that are old commonly have broken links to spec files. I've never understood why the process does not describe to attach the spec file directly to bugzilla, though the SRPM probably should remain elsewhere simply due to size: https://fedoraproject.org/wiki/Join_the_package_collection_maintainers#Upload_Your_Package I initially thought I would suggest setting up a gerrit instance, but found this ticket explaining the difficulty in doing that: https://fedorahosted.org/fedora-infrastructure/ticket/2924 And then I found that we already have a reviewboard instance set up at: http://fedorahosted.org/reviewboard Would it be crazy to suggest leveraging that for package reviews? I think it would increase the visibility of pending reviews and allow reviews to be less cumbersome. (I am aware of the reviews listed on http://fedoraproject.org/PackageReviewStatus/) Jeff -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
Nikos Mavrogiannopoulos wrote: My experience with the new package process is that the review process in Step 6 doesn't work. For some of my packages it took 3 months for a reviewer to appear, some others more, some where reviewed faster. My understanding is that it depends on how interesting the package is, how many packagers you know, or whether you enter the review swap market. Indeed, the review process is the main roadblock to getting things done in Fedora. IMHO, one easy solution to alleviate the problem would be to let experienced packagers (ones that are provenpackagers and/or packager sponsors) import their packages without a review (or with a self-review). We already trust these packagers to know what they're doing, and in particular, to know the packaging guidelines. So they should be perfectly able to verify the compliance of their own packages on their own. Doing this would clear a significant portion of the review queue instantly, and free up valuable reviewer time for those packages that really do need reviewing, those coming from new packagers. In many Free Software projects (e.g., GCC, KDE, etc.), the people who are allowed to approve other people's commits can also approve their own. Sure, there are others that insist (like us) on peer review by a second person, but those typically suffer from the same issue we do (stalled reviews all over the place). Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, 2015-01-22 at 14:49 +0100, Zbigniew Jędrzejewski-Szmek wrote: Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This is exactly what informal reviews are. -- Mathieu -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 21/01/15 22:15, Matthias Runge wrote: On 21/01/15 11:49, Nikos Mavrogiannopoulos wrote: I don't have a solution to bring extra resources to reviewing (which will be the ideal), but I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. Open slather is probably not ideal. Perhaps we could formalize a multi-level reviewer approach... eg. I've done pre-reviews and reviews, picking up various items. But then someone who actually knows what they are doing in writing specs for Fedora often kicks in a makes lots of suggestions / points out issues. So for me, I'd be happy to pre-review packages, but I'm not confident that: - I'll pick up anything / everything - I quite often don't have much experience with a particular build system or source language. So again, I miss the easy way to get it to build properly. - To give a final OK/Accept on a package. I'd prefer for a more experienced packager to make that call. - License checking is difficult to understand. - I'm not keeping up with continued packaging guidelines changes. Hence: I propose creating groups of packagers/wiki pages with expertise in: - language specific area, eg Python. - build system specific, eg cmake. - licensing checking,. - package accepters. However, I get rather annoyed when I try to build a spec/srpm, and this doesn't work at all. Is there a possibility that we can have a review request with retrievable .spec and .srpm automatically be build in mock (current/previous/next release) and respond with build success/failure back to the review request bug. The submitter would then immediately know that they have BR/R issues to resolve (and that they probably should have built in mock before submission). Dave. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, Jan 22, 2015 at 03:08:28PM +0100, Mathieu Bridon wrote: On Thu, 2015-01-22 at 14:49 +0100, Zbigniew Jędrzejewski-Szmek wrote: Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This is exactly what informal reviews are. I have never seen it work like that. If it wasn't clear, I think the (official) packager should be able to just say: I approve this review. If the review is bothed, the onus should fall on both parties. Currently the (offical) packager takes all the responsibility. And the review should be assigned to the sponsoree (in the sense of the Assigned To field in bugzilla) to make it more formal and easier to search for. Zbyszek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Wed, Jan 21, 2015 at 12:10:19PM +0100, Vít Ondruch wrote: Dne 21.1.2015 v 11:49 Nikos Mavrogiannopoulos napsal(a): I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. The self review doesn't make sense, since I expect you did the package to your best knowledge already and you really want second pair of eyes to find any issues which slipped through your hands. Yes, I think that a review is always needed if we want to maintain quality. I'd guess that it is even more important for packages which stuck in the queue for a while: - simple and clean packages can often be reviewed and accepted in one sitting, the more complicated always require a few iterations. If nobody even comments this might be a sign that even if nothing is obviously wrong, the spec is unclear/complicated/iffy. - in the two months, things can change: FPC changes guidelines, upstream releases new versions, new warnings appear in the build process, etc. At least myself, I always looking for reviewer who cares to find every issues I missed, challenge my knowledge and I'd be quite unhappy to discover later that something slipped through review unnoticed. +1 And there is nothing wrong with review swaps. You help others, they help you. Yes, I think we should amend the wiki to explicitly tell people to write to fedora-devel after a few days. This would be fairly low volume and the is this an important and long-standing issue. Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This will reduce the work for exisiting packagers, give potential packagers a way to prove themselves and make sponsorship easier. Zbyszek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Wed, Jan 21, 2015 at 01:16:47PM +0100, Nikos Mavrogiannopoulos wrote: On Wed, 2015-01-21 at 12:10 +0100, Vít Ondruch wrote: And there is nothing wrong with review swaps. You help others, they help you. That's good for you, but unacceptable to me. That way we penalize people who add packages. Can you explain why people who add packages are penalized? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com virt-df lists disk usage of guests without needing to install any software inside the virtual machine. Supports Linux and Windows. http://people.redhat.com/~rjones/virt-df/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, Jan 22, 2015 at 04:04:37PM +0100, Matthias Runge wrote: On 22/01/15 15:17, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jan 22, 2015 at 03:08:28PM +0100, Mathieu Bridon wrote: On Thu, 2015-01-22 at 14:49 +0100, Zbigniew Jędrzejewski-Szmek wrote: Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This is exactly what informal reviews are. I have never seen it work like that. If it wasn't clear, I think the (official) packager should be able to just say: I approve this review. If the review is bothed, the onus should fall on both parties. Currently the (offical) packager takes all the responsibility. I think, this is an misconception. We should encourage people, to do more informal reviews. The thing is, it's not that easy to dive deep into material here. Simply running fedora-review and copy/pasting stuff into bz is a starter. Sure, and it's a good thing to encourage all potential packagers to do, both on their own and on others' packages. Each informal review helps to identify potential issues with a package. On the other side, they will serve as learning material for the new packager. Reading others code helps to improve your own. Yes, I agree with all that. But making those informal reviews more official would help the reviews engage in them more, and reduce our review backlog a bit. About responsibility: both are responsible now. Of course, the package owner or point of contact is the person getting bz emails etc, but the reviewer is the person letting issues get into SCM. I was talking about the informal reviewer and the formal reviewer, and the responsibility for the *review*. Not the packager of the package. Zbyszek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, 2015-01-22 at 09:57 -0500, Miloslav Trmač wrote: That's wishful thinking. I proposed that rule in order to make apparent the fact that there are not enough reviewers and new packages are blocked in the queue. Ignoring the fact isn't going to make it go away. True, there are not enough _voluntary_ reviewers. But review swaps generally seem to work, or don’t they in your experience? And there is nothing wrong with review swaps. You help others, they help you. That's good for you, but unacceptable to me. That way we penalize people who add packages. Penalize in what sense? In the sense, that in addition to packaging something new you have to review something else in order to get your new package in. If reviewing is voluntary it should affect every packager the same, not just the ones who bring new packages. It is unavoidable that when reviews are mandatory, overall the project’s contributors need to do as many reviews as new code additions. That’s not a penalty for anything, it is just a task, or, to put it another way, Fedora’s choice of desired packaging quality level. My view is different. Since only the packagers would bring something new need to review, I see it as a penalty. The more you bring in, the more you need to review. If you don't bring anything in; no need for reviews. As to whether this quality level is warranted and those reviews are necessary, unfortunately, with the current packaging mechanisms, it probably is; because there are quite a few ways to screw up or to take shortcuts, and people who want to primarily focus on application source code instead of packaging tend to take these shortcuts at most opportunities (and historically Red Hat employees have been the sources of most of the most egregious shortcuts or worse) I am not against reviews, I'm against something I see it doesn't work. If I see it as an external contributor to the project, having to wait several months to get a review of my new addition is something that would certainly deter me from contributing to the project. I will be more than happy to prove me wrong. The best is to have a measurable goal for the process of reviews; E.g., 90% of the reviews have to happen before X days, or months or years, or the review process must change. Otherwise we are keeping quality by avoiding anything new. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, Jan 22, 2015 at 04:37:22PM +0100, Nikos Mavrogiannopoulos wrote: And there is nothing wrong with review swaps. You help others, they help you. That's good for you, but unacceptable to me. That way we penalize people who add packages. Penalize in what sense? In the sense, that in addition to packaging something new you have to review something else in order to get your new package in. If reviewing is voluntary it should affect every packager the same, not just the ones who bring new packages. I think there's another aspect here which hasn't been mentioned. Generally, Fedora's policy compliance mechanisms are based on _initial gating_. That is, we have a really strict package review, but once a package is in, you can deviate from the guidelines like crazy and we have no ongoing process to catch that, and only ad-hoc approaches for correcting something gone really wrong. Basically, once a package is in, we rely on trust in its maintainer. And, this extends a step out to package maintainers themselves — we have a high initial bar to getting a package in, but once you're sponsored, we assign a great deal of trust. So, in some respects, the incredibly painful process works _intentionally_ to weed out contributors who aren't serious enough to get over that hurdle, on the theory that those who do stay and surmount it have earned a certain level of project merit and trust. Now, I'm not saying that this is the best possible approach — or even that it really works. But I think it _is_ an important angle. -- Matthew Miller mat...@fedoraproject.org Fedora Project Leader -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Wed, 2015-01-21 at 12:10 +0100, Vít Ondruch wrote:
I'd like to propose an amendment to allow
bringing packages even if no reviewers are available (the typical case).
Step 6: ... If the proposed package is not reviewed for 2 months, the
package must be reviewed by the submitter, and a git module with the
master branch will be approved.
The self review doesn't make sense, since I expect you did the package
to your best knowledge already and you really want second pair of eyes
to find any issues which slipped through your hands.
At least myself, I always looking for reviewer who cares to find every
issues I missed, challenge my knowledge and I'd be quite unhappy to
discover later that something slipped through review unnoticed.
That's wishful thinking. I proposed that rule in order to make apparent
the fact that there are not enough reviewers and new packages are
blocked in the queue. Ignoring the fact isn't going to make it go away.
True, there are not enough _voluntary_ reviewers. But review swaps generally
seem to work, or don’t they in your experience?
And there is nothing wrong with review swaps. You help others, they help
you.
That's good for you, but unacceptable to me. That way we penalize people
who add packages.
Penalize in what sense? It is unavoidable that when reviews are mandatory,
overall the project’s contributors need to do as many reviews as new code
additions. That’s not a penalty for anything, it is just a task, or, to put it
another way, Fedora’s choice of desired packaging quality level.
As to whether this quality level is warranted and those reviews are necessary,
unfortunately, with the current packaging mechanisms, it probably is; because
there are quite a few ways to screw up or to take shortcuts, and people who
want to primarily focus on application source code instead of packaging tend to
take these shortcuts at most opportunities (and historically Red Hat employees
have been the sources of most of the most egregious shortcuts or worse).¹
Ideally, most of the guidelines, and thus the reviews, shouldn’t _exist_: we
should have software either implementing the packaging functionality so that
the easiest shortcut is to do it correctly, or at least software doing
automated reviews. But that just isn’t happening; apparently we have enough
volunteers interested in writing and approving guidelines, but enough
volunteers interested in writing the code to make the guidelines go away.²
Mirek
¹ Admittedly it is inconsistent that the _only_ thing in the project which
requires an independent review is packaging, and only the initial packaging at
that. OTOH there are plausible {reasons,excuses} for that: getting qualified
independent reviewers for non-packaging code would be so difficult to make it
not worth it, and once a packaging happens correctly it tends to stay correct
because exactly the people inclined to take shortcuts are not likely to touch
it if they don’t have to.
² Though, fedora-review exists, and hasn’t AFAICT replaced any item in the
guidelines; so it is very well possible I am missing a part of the story.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 22/01/15 15:17, Zbigniew Jędrzejewski-Szmek wrote: On Thu, Jan 22, 2015 at 03:08:28PM +0100, Mathieu Bridon wrote: On Thu, 2015-01-22 at 14:49 +0100, Zbigniew Jędrzejewski-Szmek wrote: Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This is exactly what informal reviews are. I have never seen it work like that. If it wasn't clear, I think the (official) packager should be able to just say: I approve this review. If the review is bothed, the onus should fall on both parties. Currently the (offical) packager takes all the responsibility. I think, this is an misconception. We should encourage people, to do more informal reviews. The thing is, it's not that easy to dive deep into material here. Simply running fedora-review and copy/pasting stuff into bz is a starter. Each informal review helps to identify potential issues with a package. On the other side, they will serve as learning material for the new packager. Reading others code helps to improve your own. About responsibility: both are responsible now. Of course, the package owner or point of contact is the person getting bz emails etc, but the reviewer is the person letting issues get into SCM. Matthias -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, 2015-01-22 at 15:08 +0100, Mathieu Bridon wrote: On Thu, 2015-01-22 at 14:49 +0100, Zbigniew Jędrzejewski-Szmek wrote: Unfortunately review swaps don't work for new packagers, before they are sponsored. They are encouraged to do informal reviews, but those reviews don't carry formal weight. I propose to change this, and allow non-sponsored packagers to do formal reviews, except that an actual packager with review rights has to ack the review. This is exactly what informal reviews are. As far as I understand the current informal reviews require even more people to be involved than the formal reviews. They can be hardly a solution to the problem of not having enough reviewers. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
2015-01-21 11:49 GMT+01:00 Nikos Mavrogiannopoulos n...@redhat.com: Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. I share your concern about the pending list but self-review is not acceptable. Just licensing review itself would be a blocker to your proposal. But if we were to have a staging repository as suggested by Josh and Jaroslav, it could be something that we could consider. What saddens me is that we have plenty of packagers and sponsors and only a very small fraction does review. We should find a way to encourage people doing review even *INFORMAL* ones. Good informal reviews is the best way to get sponsored, and helps decreasing the pile (as a sponsor, I approve a positive and good quality informal review by my mentees). Besides, some submitters do not try hard enough to find reviewers: * some reviews do not provide usable links to spec and srpm breaking usage of semi-automated reviewing tool. The more information you give to the reviewer, the more likely it will get reviewed fast. * reviews swapping: 376 pending reviews but how many swapping requests on this list ? * Just go asking your fellow packagers on irc/mail or SIG if there's one. though I keep telling that I'm more than willing to do python reviews (for free, no swapping!), very little people ping me. If everyone does an effort, it will be less of a problem. H. PS: please no badges for reviewing, it would probably help getting more reviewers at the expense of quality. Reviews quality is also another problem. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, 2015-01-22 at 09:57 -0500, Miloslav Trmač wrote: That's good for you, but unacceptable to me. That way we penalize people who add packages. Penalize in what sense? In the sense, that in addition to packaging something new you have to review something else in order to get your new package in. If reviewing is voluntary it should affect every packager the same, not just the ones who bring new packages. That’s nice in theory but just doesn’t work; everyone “should be reviewing packages or else what? The current solution has two advantages, 1) most importantly, it actually (mostly) works, unlike saying “please review packages thank you” 2) it is vaguely fair in the sense that who drains the pool of available reviewers is also required to resupply it. I am not against reviews, I'm against something I see it doesn't work. It is true enough that this doesn’t work well for _new_ contributors, yes. For already sponsored packagers that can get their package reviewed by swapping a review, I don’t currently think this is a particularly big problem. Otherwise we are keeping quality by avoiding anything new. (Well that is actually a valid choice to make if it is made consciously ☺) I do agree that we seem to be overshooting with the packaging quality, but how can we actually improve things? I don’t think the proposal of wait 2 months then auto-approve” will make much difference for the new/inexperienced/impatient newcomers. Mirek -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Thu, 2015-01-22 at 11:30 -0500, Matthew Miller wrote: Penalize in what sense? In the sense, that in addition to packaging something new you have to review something else in order to get your new package in. If reviewing is voluntary it should affect every packager the same, not just the ones who bring new packages. I think there's another aspect here which hasn't been mentioned. Generally, Fedora's policy compliance mechanisms are based on _initial gating_. That is, we have a really strict package review, but once a package is in, you can deviate from the guidelines like crazy and we have no ongoing process to catch that, and only ad-hoc approaches for correcting something gone really wrong. Basically, once a package is in, we rely on trust in its maintainer. And, this extends a step out to package maintainers themselves — we have a high initial bar to getting a package in, but once you're sponsored, we assign a great deal of trust. So, in some respects, the incredibly painful process works _intentionally_ to weed out contributors who aren't serious enough to get over that hurdle, on the theory that those who do stay and surmount it have earned a certain level of project merit and trust. I understand, and I agree in principle with that. However, the issue here is not that there are strict or conflicting reviews. The main issue is that it is difficult to get any reviews. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 01/22/2015 07:15 PM, Haïkel wrote: 2015-01-21 11:49 GMT+01:00 Nikos Mavrogiannopoulos n...@redhat.com: Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. I share your concern about the pending list but self-review is not acceptable. Just licensing review itself would be a blocker to your proposal. But if we were to have a staging repository as suggested by Josh and Jaroslav, it could be something that we could consider. What saddens me is that we have plenty of packagers and sponsors and only a very small fraction does review. We should find a way to encourage people doing review even *INFORMAL* ones. Good informal reviews is the best way to get sponsored, and helps decreasing the pile (as a sponsor, I approve a positive and good quality informal review by my mentees). Besides, some submitters do not try hard enough to find reviewers: * some reviews do not provide usable links to spec and srpm breaking usage of semi-automated reviewing tool. The more information you give to the reviewer, the more likely it will get reviewed fast. * reviews swapping: 376 pending reviews but how many swapping requests on this list ? * Just go asking your fellow packagers on irc/mail or SIG if there's one. though I keep telling that I'm more than willing to do python reviews (for free, no swapping!), very little people ping me. If everyone does an effort, it will be less of a problem. H. PS: please no badges for reviewing, it would probably help getting more reviewers at the expense of quality. Reviews quality is also another problem. I think the last bullet point here is the important part. I understand the disposition for a technical solution, but someone that just drops their package in - even after two months - isn't really getting a sense of community out of the experience. The process as-is, while it can be frustrating for all the reasons described, encourages new contributors to get acquainted with their fellow packagers and their sponsors. I'm not suggesting a de facto you must be sociable to be a Fedora Packager, but the process does reinforce that you're not alone when you get stuck, and you're not so isolated that nobody cares if you make a mistake. The informal reviews, irc chats, and list mails don't just garner experience; they help develop a sense of participation, and that leads to greater contributor retention. Maybe some list or other communication channel that's more clearly for packaging issues - I'm told devel@ can be intimidating - would help, but I'm not really suggesting anything specific. Everyone in the thread here, and probably far more, have answered inane questions from me at one time or another :P Sometimes more process and more guides can help, and sometimes you just need to bounce your understanding of the subject off someone to clear up misconceptions and gain a little confidence. That part isn't broken, but maybe new packagers don't know it. -- -- Pete PS: Haïkel, if you're passing out python reviews... -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On 21/01/15 11:49, Nikos Mavrogiannopoulos wrote: I don't have a solution to bring extra resources to reviewing (which will be the ideal), but I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. Ugh, thank you for trying to address our way-too-long review queue. I agree, the submitter should review their own submission, but this review should be ideally done before sending a package up for review through a second pair of eyes. Let's make an example, a submitter puts up a review containing copyrighted material; this should be caught during review process. Due the submitter will think, everything is alright, he will check that material into SCM and we'll start distributing that. Matthias -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
Dne 21.1.2015 v 11:49 Nikos Mavrogiannopoulos napsal(a): I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. The self review doesn't make sense, since I expect you did the package to your best knowledge already and you really want second pair of eyes to find any issues which slipped through your hands. At least myself, I always looking for reviewer who cares to find every issues I missed, challenge my knowledge and I'd be quite unhappy to discover later that something slipped through review unnoticed. And there is nothing wrong with review swaps. You help others, they help you. Vít -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Wed, Jan 21, 2015 at 7:16 AM, Nikos Mavrogiannopoulos n...@redhat.com wrote: On Wed, 2015-01-21 at 12:10 +0100, Vít Ondruch wrote: I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. The self review doesn't make sense, since I expect you did the package to your best knowledge already and you really want second pair of eyes to find any issues which slipped through your hands. At least myself, I always looking for reviewer who cares to find every issues I missed, challenge my knowledge and I'd be quite unhappy to discover later that something slipped through review unnoticed. That's wishful thinking. I proposed that rule in order to make apparent the fact that there are not enough reviewers and new packages are blocked in the queue. Ignoring the fact isn't going to make it go away. I've often thought having a staging repository for packages in this state would be nice. They could be worked on there, and then promoted to the full repo when they passed review. josh -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
- Original Message - On Wed, Jan 21, 2015 at 7:16 AM, Nikos Mavrogiannopoulos n...@redhat.com wrote: On Wed, 2015-01-21 at 12:10 +0100, Vít Ondruch wrote: I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. The self review doesn't make sense, since I expect you did the package to your best knowledge already and you really want second pair of eyes to find any issues which slipped through your hands. At least myself, I always looking for reviewer who cares to find every issues I missed, challenge my knowledge and I'd be quite unhappy to discover later that something slipped through review unnoticed. That's wishful thinking. I proposed that rule in order to make apparent the fact that there are not enough reviewers and new packages are blocked in the queue. Ignoring the fact isn't going to make it go away. I've often thought having a staging repository for packages in this state would be nice. They could be worked on there, and then promoted to the full repo when they passed review. This was one of the main ideas behind Playground repository [1]. And one thing we had hard times to agree on (is it staging or repository for something that will never go to Fedora proper?). Maybe it's really time to revive it. On the other hand, Copr itself helped a lot (And Copr would backup the whole Playground repo). Jaroslav [1] http://fedoraproject.org/wiki/Changes/Playground_repository josh -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: amending the new package process
On Wed, 2015-01-21 at 12:10 +0100, Vít Ondruch wrote: I'd like to propose an amendment to allow bringing packages even if no reviewers are available (the typical case). Step 6: ... If the proposed package is not reviewed for 2 months, the package must be reviewed by the submitter, and a git module with the master branch will be approved. The self review doesn't make sense, since I expect you did the package to your best knowledge already and you really want second pair of eyes to find any issues which slipped through your hands. At least myself, I always looking for reviewer who cares to find every issues I missed, challenge my knowledge and I'd be quite unhappy to discover later that something slipped through review unnoticed. That's wishful thinking. I proposed that rule in order to make apparent the fact that there are not enough reviewers and new packages are blocked in the queue. Ignoring the fact isn't going to make it go away. And there is nothing wrong with review swaps. You help others, they help you. That's good for you, but unacceptable to me. That way we penalize people who add packages. regards, Nikos -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
