Re: Who checks the exception at fedora-scm-requests?
On Thu, Jun 09, 2022 at 09:09:30PM +0200, Miro Hrončok wrote: > Hello, > > I've recently seen a package that was imported into Fedora without a package > review. I've noticed this because the packages doesn't even install and I > wanted to check if this could have been caught in the package review but I > couldn't find it, so I've checked the fedora-scm-requests ticket. > > The ticket at fedora-scm-requests was created with exception=true. I am not > going to link to it, because I am not here to point fingers. I am just > genuinely curious. > > According to > https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/#_package_review_process > we have 3 kinds of exceptions: > > - FPC grants an explicit exemption from the process... > - The package is being created so that multiple versions of the same package > can coexist in the distribution... > - The package exists in both Fedora and RHEL, but the packager wants to ship > it in EPEL under an alternative name... > > In those cases, the packager requests the repo with --exception, makes sense. > > However, who checks if the flag was used according to the rules? Because > apparently, is seems that nobody does. Is it expected that we are all > responsible people who would not abuse this simply to avoid package reviews? The scm admin processing the request should check it. :( Perhaps this was simply missed and/or perhaps the tool could be better about showing when a ticket is an exception. ;( Do note that we are working on automating most of this away. If/when that happens the exceptions would then be... exceptions. (ie, the automation would refuse to process them and ask a human to do so, unless we can come up with a way to check these cases in an unattended way). kevin signature.asc Description: PGP signature ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Who checks the exception at fedora-scm-requests?
On 09. 06. 22 21:11, Neal Gompa wrote: On Thu, Jun 9, 2022 at 3:09 PM Miro Hrončok wrote: Hello, I've recently seen a package that was imported into Fedora without a package review. I've noticed this because the packages doesn't even install and I wanted to check if this could have been caught in the package review but I couldn't find it, so I've checked the fedora-scm-requests ticket. The ticket at fedora-scm-requests was created with exception=true. I am not going to link to it, because I am not here to point fingers. I am just genuinely curious. According to https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/#_package_review_process we have 3 kinds of exceptions: - FPC grants an explicit exemption from the process... - The package is being created so that multiple versions of the same package can coexist in the distribution... - The package exists in both Fedora and RHEL, but the packager wants to ship it in EPEL under an alternative name... In those cases, the packager requests the repo with --exception, makes sense. However, who checks if the flag was used according to the rules? Because apparently, is seems that nobody does. Is it expected that we are all responsible people who would not abuse this simply to avoid package reviews? On a basic level, I'm kind of surprised we don't have an exception reason flag to ensure that the choice is being validated by someone. I don't know how you'd validate it right now. Makes perfect sense. E.g. this could even be a free form text passed to exception that could be something like: - link to fpc ticket - alternate version exception, other packages are foobar2.0 and foobar3.0 - EPEL alternate name exception, RHEL package is foobar -- Miro Hrončok -- Phone: +420777974800 IRC: mhroncok ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Who checks the exception at fedora-scm-requests?
On 09. 06. 22 21:26, Adam Williamson wrote: On Thu, 2022-06-09 at 21:09 +0200, Miro Hrončok wrote: Hello, I've recently seen a package that was imported into Fedora without a package review. I've noticed this because the packages doesn't even install and I wanted to check if this could have been caught in the package review but I couldn't find it, so I've checked the fedora-scm-requests ticket. The ticket at fedora-scm-requests was created with exception=true. I am not going to link to it, because I am not here to point fingers. I am just genuinely curious. According to https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/#_package_review_process we have 3 kinds of exceptions: - FPC grants an explicit exemption from the process... - The package is being created so that multiple versions of the same package can coexist in the distribution... - The package exists in both Fedora and RHEL, but the packager wants to ship it in EPEL under an alternative name... In those cases, the packager requests the repo with --exception, makes sense. However, who checks if the flag was used according to the rules? Because apparently, is seems that nobody does. Is it expected that we are all responsible people who would not abuse this simply to avoid package reviews? Isn't there also an exception for reviving a retired package within a certain window? Yes, but unretiring does not involve fedpkg request-repo and fedora-scm-requests tickets. It involves a releng ticket and relengs do check if the rules are met in that case. -- Miro Hrončok -- Phone: +420777974800 IRC: mhroncok ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Who checks the exception at fedora-scm-requests?
On Thu, 2022-06-09 at 21:09 +0200, Miro Hrončok wrote: > Hello, > > I've recently seen a package that was imported into Fedora without a package > review. I've noticed this because the packages doesn't even install and I > wanted to check if this could have been caught in the package review but I > couldn't find it, so I've checked the fedora-scm-requests ticket. > > The ticket at fedora-scm-requests was created with exception=true. I am not > going to link to it, because I am not here to point fingers. I am just > genuinely curious. > > According to > https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/#_package_review_process > > we have 3 kinds of exceptions: > > - FPC grants an explicit exemption from the process... > - The package is being created so that multiple versions of the same package > can coexist in the distribution... > - The package exists in both Fedora and RHEL, but the packager wants to ship > it > in EPEL under an alternative name... > > In those cases, the packager requests the repo with --exception, makes sense. > > However, who checks if the flag was used according to the rules? Because > apparently, is seems that nobody does. Is it expected that we are all > responsible people who would not abuse this simply to avoid package reviews? Isn't there also an exception for reviving a retired package within a certain window? -- Adam Williamson Fedora QA IRC: adamw | Twitter: adamw_ha https://www.happyassassin.net ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Who checks the exception at fedora-scm-requests?
On Thu, Jun 9, 2022 at 3:09 PM Miro Hrončok wrote: > > Hello, > > I've recently seen a package that was imported into Fedora without a package > review. I've noticed this because the packages doesn't even install and I > wanted to check if this could have been caught in the package review but I > couldn't find it, so I've checked the fedora-scm-requests ticket. > > The ticket at fedora-scm-requests was created with exception=true. I am not > going to link to it, because I am not here to point fingers. I am just > genuinely curious. > > According to > https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/#_package_review_process > we have 3 kinds of exceptions: > > - FPC grants an explicit exemption from the process... > - The package is being created so that multiple versions of the same package > can coexist in the distribution... > - The package exists in both Fedora and RHEL, but the packager wants to ship > it > in EPEL under an alternative name... > > In those cases, the packager requests the repo with --exception, makes sense. > > However, who checks if the flag was used according to the rules? Because > apparently, is seems that nobody does. Is it expected that we are all > responsible people who would not abuse this simply to avoid package reviews? > On a basic level, I'm kind of surprised we don't have an exception reason flag to ensure that the choice is being validated by someone. I don't know how you'd validate it right now. -- 真実はいつも一つ!/ Always, there's only one truth! ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure