Bug#819724: Please find a second maintainer
On Thu, Apr 07, 2016 at 10:22:24PM +0200, Tormod Volden wrote: > On Thu, Apr 7, 2016 at 9:25 AM, Goswin von Brederlow> wrote: > > The BTS is not just for the maintainer. It also documents things for > > users. Like what bugs are already known. > > > > When I see a package with lots of patches in the BTS my willingness to > > patch something myself goes right down the drain. Who would want to > > spend their time writing patches if the maintainer will just ignore > > them for years? > > There are only 3 patches in there all together. They have all been > reviewed and rejected by upstream. Maybe one, if rewritten, could be a > candidate for a Debian specific patch (tmp files location). pmfji, but I have just recently been pointed to this bug report. If a patch filed with a Debian bug is unacceptable, for example because upstream rejects it and the Debian maintainer rightfully decides to stay in line with upstream, or because the patch does not apply any more, or because the maintainer does not like the submitter's nose, the patch tag should be removed, and, if applicable, the wontfix tag should be added. This saves time of volunteers who want to triage bug reports. Please consider being nicer to people who want to help with your package. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#819724: Please find a second maintainer
On Thu, Apr 7, 2016 at 9:25 AM, Goswin von Brederlowwrote: > The BTS is not just for the maintainer. It also documents things for > users. Like what bugs are already known. > > When I see a package with lots of patches in the BTS my willingness to > patch something myself goes right down the drain. Who would want to > spend their time writing patches if the maintainer will just ignore > them for years? There are only 3 patches in there all together. They have all been reviewed and rejected by upstream. Maybe one, if rewritten, could be a candidate for a Debian specific patch (tmp files location). > > I'm sure you handled all the security stuff as you say but you are the > only one that knows that. Everyone else looks at the BTS and sees bugs > tagged security. When I see a package in the BTS with bugs tagged > security then I start to worry. You have a point there, appearances may give the wrong impression. I will take a look at getting rid of these, for example the LDAP bug you mention below. Also since some very uninformed people may not understand that we backport all valid security fixes to stable (I've seen lot a of stupid remarks lately). > That would be just a drive-by shooting. You won't get more info just > ebcause someone sets the more-info tag. One also has to track down the > submitter and at least test the issue itself too. Since I don't use > LDAP that would be rather a lot of work. And what for? If I write a > patch it's just going to rot in the BTS form all apearances. See my > point? That bug was maybe not a good example, but there are many places where a drive-by contributor can be useful. Of course someone with a longer perspective is much preferred. But often large contributions starts with small steps, scratching their own itch, for then to be pulled in. > > Saddly that is also not how it works. Usualy a package rots away for > years getting worse and worse before it finally blows and someone else > gets so fed up with it and steps up to take over. You are doing a too > good job for that to happen. Sometimes you have to get the word out > that help is needed or simply just wanted to attract someone. I think we both are just sketching up possible ways this works or not. Anyway, it is probably good if I make clear that I am welcoming co-maintainers. This is how we ran it before, just that the previous co-maintainer had more important issue to attend to and had to step down. Unlike some other maintainers I am in favour of collective and shared maintenance. > > Front desk is part of the new maintainer process and is staffed by a > few people: > > https://nm.debian.org/public/managers > > I think the alias for it is front-d...@debian.org. And the long line > of people longing to help out is every person wanting to become Debian > Maintainer or Debian Developer. So yeah, there is aline. Wether they > will stay with your package after they completed the NM process or not > is up in the air. Maybe they will, maybe they won't. It's unlikely > though. But hey, if you do this once every 3 years the BTS will look a > lot cleaner and eventually someone will stick. :) Thanks for the link, I will check it out. Regards, Tormod
Bug#819724: Please find a second maintainer
On Tue, Apr 05, 2016 at 11:36:19PM +0200, Tormod Volden wrote: > severity wishlist > > On Fri, Apr 1, 2016 at 3:29 PM, Goswin von Brederlow wrote: > > Package: xscreensaver > > Severity: important > > > > The xscreensaver package has 120 bugs going back over 9 years that are > > just rotting in the BTS without attention. Some of them are tagged > > security, some tagged patch. A lot of bugs have not been modified > > since shortly after they were reported. > > Hi Goswin, > > The BTW can probably need some triaging. I am aware of (hopefully) all > bugs there though, and there is nothing that really demands attention. > There are a lot of wishes, patches that should go upstream or down the > drain - we don't want to carry the support burden for them - and some > are graphic drivers issues. > > > > > I sad to say but you are not doing as good a job maintaining the > > package as you should. Maybe you aren't that interested in > > xscreensaver anymore or you don't have the time or any number of other > > valid reasons. But fact is that bugs are being left to rot in the BTS. > > I am maintaining the package as I have been doing over many, many > years. Security problems are taken care of immediately and upstream > releases are packaged in due time. The number of bugs have been very > stable over the years. I don't have any strong motivation to work much > more intensive on it than I have done, that's for sure. > > Some bugs can sure be closed, but why is that important to you? They > are there mainly to help the maintainers, and people contributing. > Granted, I am sure many bugs can be closed though, or moved to > wishlist. It is just not the highest of my priorities, and nobody else > has stepped up to do it. Hey wait - one guy mentioned some willingness > a few weeks ago - maybe we are lucky, I will follow that up. The BTS is not just for the maintainer. It also documents things for users. Like what bugs are already known. When I see a package with lots of patches in the BTS my willingness to patch something myself goes right down the drain. Who would want to spend their time writing patches if the maintainer will just ignore them for years? I'm sure you handled all the security stuff as you say but you are the only one that knows that. Everyone else looks at the BTS and sees bugs tagged security. When I see a package in the BTS with bugs tagged security then I start to worry. > > For example #403557 should have been tagged more-info and eventually > > closed as unreproducible 9 years ago and is still there tagged > > security. > > Are you not able to tag it as more-info? If you are unable to help > because of technical issues, we can probably figure that out. It is > not like the maintainer has to do everything and nobody else can help. That would be just a drive-by shooting. You won't get more info just ebcause someone sets the more-info tag. One also has to track down the submitter and at least test the issue itself too. Since I don't use LDAP that would be rather a lot of work. And what for? If I write a patch it's just going to rot in the BTS form all apearances. See my point? > > So I urge you to please find a new maintainer to either take over (in > > the worst case) or simply work alongside yourself to help clean up the > > backlog of bugs in this package. > > This is not how it works in practice. Anyone interested in the package > will help to maintain the package, sending patches against the VCS > etc. I don't see why nobody can just help out triaging bugs. People > helping out over time can become co-maintainers. If I don't do much > useful any longer, I can pull out and the other people will remain > maintainers. This is how I got into this. If they are not genuinely > interested (and pop up by themselves) there are small changes they > will stick around. Saddly that is also not how it works. Usualy a package rots away for years getting worse and worse before it finally blows and someone else gets so fed up with it and steps up to take over. You are doing a too good job for that to happen. Sometimes you have to get the word out that help is needed or simply just wanted to attract someone. > > If it is just that you left bugs open for so long (or inherited them > > from a revious maintainer) that now you are swamped and can't catch up > > then you could also contact the front desk to get some prospective new > > DDs assigned to look over and triage bugs. It's good experience for > > them and the package would hopefully get back on track. > > Yes, it might be a good idea to get some people working on this. But > it won't help me to get someone to just close bugs for the sake of > closing bugs for then to disappear again. We need someone with long > time commitment. Do you have a link to this "front desk"? I am > optimistically imagining a long line of people longing to help out > maintaining 8-) Front desk is part of the new maintainer process and is staffed by a few people:
Bug#819724: Please find a second maintainer
severity wishlist On Fri, Apr 1, 2016 at 3:29 PM, Goswin von Brederlow wrote: > Package: xscreensaver > Severity: important > > The xscreensaver package has 120 bugs going back over 9 years that are > just rotting in the BTS without attention. Some of them are tagged > security, some tagged patch. A lot of bugs have not been modified > since shortly after they were reported. Hi Goswin, The BTW can probably need some triaging. I am aware of (hopefully) all bugs there though, and there is nothing that really demands attention. There are a lot of wishes, patches that should go upstream or down the drain - we don't want to carry the support burden for them - and some are graphic drivers issues. > > I sad to say but you are not doing as good a job maintaining the > package as you should. Maybe you aren't that interested in > xscreensaver anymore or you don't have the time or any number of other > valid reasons. But fact is that bugs are being left to rot in the BTS. I am maintaining the package as I have been doing over many, many years. Security problems are taken care of immediately and upstream releases are packaged in due time. The number of bugs have been very stable over the years. I don't have any strong motivation to work much more intensive on it than I have done, that's for sure. Some bugs can sure be closed, but why is that important to you? They are there mainly to help the maintainers, and people contributing. Granted, I am sure many bugs can be closed though, or moved to wishlist. It is just not the highest of my priorities, and nobody else has stepped up to do it. Hey wait - one guy mentioned some willingness a few weeks ago - maybe we are lucky, I will follow that up. > For example #403557 should have been tagged more-info and eventually > closed as unreproducible 9 years ago and is still there tagged > security. Are you not able to tag it as more-info? If you are unable to help because of technical issues, we can probably figure that out. It is not like the maintainer has to do everything and nobody else can help. > > So I urge you to please find a new maintainer to either take over (in > the worst case) or simply work alongside yourself to help clean up the > backlog of bugs in this package. This is not how it works in practice. Anyone interested in the package will help to maintain the package, sending patches against the VCS etc. I don't see why nobody can just help out triaging bugs. People helping out over time can become co-maintainers. If I don't do much useful any longer, I can pull out and the other people will remain maintainers. This is how I got into this. If they are not genuinely interested (and pop up by themselves) there are small changes they will stick around. > > If it is just that you left bugs open for so long (or inherited them > from a revious maintainer) that now you are swamped and can't catch up > then you could also contact the front desk to get some prospective new > DDs assigned to look over and triage bugs. It's good experience for > them and the package would hopefully get back on track. Yes, it might be a good idea to get some people working on this. But it won't help me to get someone to just close bugs for the sake of closing bugs for then to disappear again. We need someone with long time commitment. Do you have a link to this "front desk"? I am optimistically imagining a long line of people longing to help out maintaining 8-) > > MfG > Goswin > > PS: This is not a personal attack on you but an encouragement to make > the package the best it can be. Thanks! All contributions are welcome. Best regards, Tormod
Bug#819724: Please find a second maintainer
Package: xscreensaver Severity: important The xscreensaver package has 120 bugs going back over 9 years that are just rotting in the BTS without attention. Some of them are tagged security, some tagged patch. A lot of bugs have not been modified since shortly after they were reported. I sad to say but you are not doing as good a job maintaining the package as you should. Maybe you aren't that interested in xscreensaver anymore or you don't have the time or any number of other valid reasons. But fact is that bugs are being left to rot in the BTS. For example #403557 should have been tagged more-info and eventually closed as unreproducible 9 years ago and is still there tagged security. So I urge you to please find a new maintainer to either take over (in the worst case) or simply work alongside yourself to help clean up the backlog of bugs in this package. If it is just that you left bugs open for so long (or inherited them from a revious maintainer) that now you are swamped and can't catch up then you could also contact the front desk to get some prospective new DDs assigned to look over and triage bugs. It's good experience for them and the package would hopefully get back on track. MfG Goswin PS: This is not a personal attack on you but an encouragement to make the package the best it can be.