Re: [gentoo-dev] [experiment] Sunrise try 2
On Sunday 25 June 2006 01:39, Mike Frysinger wrote: > On Saturday 24 June 2006 18:54, Edward Catmur wrote: > > * Security (from malicious contributors): Glad to see layman will only > > track the reviewed/ tree; still, anyone who checks out the sunrise/ tree > > (and has it in PORTDIR_OVERLAY) is vulnerable. > > > > - Remove from the examples any suggestion that one should check out the > > whole tree when contributing. Point out that one should not svn up > > sunrise/ as part of updating Portage. > > valid point i think > > ive never admined svn repos before, but would it be possible to shut off > anon access to the non-reviewed tree ? i think that would cover this issue > as people who get bit by bugs in the non-reviewed tree would (and should) > be able to just go in and fix it themselves :) after looking at some acl stuff i'm 99% sure this can be done ... so can we get this setup ? in fact, gentoo-wiki.com has a section on doing apache2/svn/dav/acls -mike pgptAfQN4utt3.pgp Description: PGP signature
Re: [gentoo-dev] [experiment] Sunrise try 2
On Saturday 24 June 2006 18:54, Edward Catmur wrote: > * Security (from malicious contributors): Glad to see layman will only > track the reviewed/ tree; still, anyone who checks out the sunrise/ tree > (and has it in PORTDIR_OVERLAY) is vulnerable. > > - Remove from the examples any suggestion that one should check out the > whole tree when contributing. Point out that one should not svn up > sunrise/ as part of updating Portage. valid point i think ive never admined svn repos before, but would it be possible to shut off anon access to the non-reviewed tree ? i think that would cover this issue as people who get bit by bugs in the non-reviewed tree would (and should) be able to just go in and fix it themselves :) > * Conflicts between contributors (social): Alice adds an ebuild; Bob > makes a (maybe "obvious") change; Alice thinks the change is incorrect, > and, feeling that the ebuild is her property, reverts the change. A > revert war erupts. Many casualties. > > - Create a social structure to enable Alice and Bob to communicate and > resolve their differences of opinion. Forums? Wiki? IRC? Bugzilla? I > would argue there should be One True location for this to occur; /not/ > bugzilla (bugspam); /not/ IRC (impermanence). revert wars are retarded on the base level. if people are unable to solve issues via communication channels, i'd say just toss the people involved and the material in question. -mike pgp5Ydk0ahbAm.pgp Description: PGP signature
Re: [gentoo-dev] [experiment] Sunrise try 2
On Saturday 24 June 2006 09:12, Thomas Cort wrote: > http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/HowToCommit this is a stupid nit pick thing (but i'm good at that) the examples should use $ as the shell prompt, not # pwnt! -mike pgpQu9Pb2ha9V.pgp Description: PGP signature
Re: [gentoo-dev] [experiment] Sunrise try 2
Luca Barbato wrote: > Edward Catmur wrote: > Critic 4 >> * Conflicts between contributors (social): Alice adds an ebuild; Bob >> makes a (maybe "obvious") change; Alice thinks the change is incorrect, >> and, feeling that the ebuild is her property, reverts the change. A >> revert war erupts. Many casualties. > > Reply 4a >> - Create a social structure to enable Alice and Bob to communicate and >> resolve their differences of opinion. > > Reply 4b > - ban warmongers. We can't even do that in Gentoo. Thanks, Donnie signature.asc Description: OpenPGP digital signature
Re: [gentoo-dev] [experiment] Sunrise try 2
Edward Catmur wrote: > On Sat, 2006-06-24 at 13:05 +0200, Luca Barbato wrote: >> (from critics) >> - What is wrong with the model (each point 2 lines at least, 4 at most) >> - What you'd do as alternative as the criticized point ( 2 lines again) Let me reformat a bit > Critic 1 > * Simplicity: The FAQ claims that Sunrise is simpler than Bugzilla. It > is - for users. Contributing is a lot more involved than with Bugzilla; > Sunrise is supposed to be about making contributing easier. Reply 1 > - Admit this in the FAQ. Where possible, write svn wrappers to make the > contributing process easier. Critic 2 > * Security (from malicious contributors): Glad to see layman will only > track the reviewed/ tree; still, anyone who checks out the sunrise/ tree > (and has it in PORTDIR_OVERLAY) is vulnerable. Reply 2a > - Remove from the examples any suggestion that one should check out the > whole tree when contributing. Reply 2b - Point out that one should not svn up sunrise/ as part of updating Portage. Reply 2c - sunrise/playground won't let anonymous fetch. Critic 3 > * Conflicts between contributors (technical): Alice adds an ebuild; Bob > makes a change; Alice makes another change and discovers it conflicts > with Bob's change in the repo. Alice has not used subversion and doesn't > know how to resolve conflicts. Reply 3a - People are supposed to learn svn in order to contribute. Reply 3b - Tutorials will be provided about conflict resolution Critic 4 > * Conflicts between contributors (social): Alice adds an ebuild; Bob > makes a (maybe "obvious") change; Alice thinks the change is incorrect, > and, feeling that the ebuild is her property, reverts the change. A > revert war erupts. Many casualties. Reply 4a > - Create a social structure to enable Alice and Bob to communicate and > resolve their differences of opinion. Reply 4b - ban warmongers. Critic 5 > * More to keep track of: With bugzilla you have a single URL, from which > you receive threaded email updates. Sunrise adds /two/ svn directories > plus whatever is used for discussion. Reply 5a - Make contributors subscribe to a svnlog ml, use trac-like features. Ed if you think this doesn't show your ideas please send another using this format. lu -- Luca Barbato Gentoo/linux Gentoo/PPC http://dev.gentoo.org/~lu_zero -- gentoo-dev@gentoo.org mailing list
Re: [gentoo-dev] [experiment] Sunrise try 2
On Sat, 2006-06-24 at 13:05 +0200, Luca Barbato wrote: > (from critics) > - What is wrong with the model (each point 2 lines at least, 4 at most) > - What you'd do as alternative as the criticized point ( 2 lines again) * Simplicity: The FAQ claims that Sunrise is simpler than Bugzilla. It is - for users. Contributing is a lot more involved than with Bugzilla; Sunrise is supposed to be about making contributing easier. - Admit this in the FAQ. Where possible, write svn wrappers to make the contributing process easier. * Security (from malicious contributors): Glad to see layman will only track the reviewed/ tree; still, anyone who checks out the sunrise/ tree (and has it in PORTDIR_OVERLAY) is vulnerable. - Remove from the examples any suggestion that one should check out the whole tree when contributing. Point out that one should not svn up sunrise/ as part of updating Portage. * Conflicts between contributors (technical): Alice adds an ebuild; Bob makes a change; Alice makes another change and discovers it conflicts with Bob's change in the repo. Alice has not used subversion and doesn't know how to resolve conflicts. - Document the subversion conflict resolution process. Advertise that you will be available on IRC to help with these types of problems. Explain to use "svn st -u" and "svn up" to sync before making changes. * Conflicts between contributors (social): Alice adds an ebuild; Bob makes a (maybe "obvious") change; Alice thinks the change is incorrect, and, feeling that the ebuild is her property, reverts the change. A revert war erupts. Many casualties. - Create a social structure to enable Alice and Bob to communicate and resolve their differences of opinion. Forums? Wiki? IRC? Bugzilla? I would argue there should be One True location for this to occur; /not/ bugzilla (bugspam); /not/ IRC (impermanence). * More to keep track of: With bugzilla you have a single URL, from which you receive threaded email updates. Sunrise adds /two/ svn directories plus whatever is used for discussion. - Create a summary page that links to bugzilla and discussions, and tracks versions and changes, and all other relevant information. Allow (require?) contributors to subscribe to email updates from the summary page. That's all for now. I might think of more. Ed -- gentoo-dev@gentoo.org mailing list
Re: [gentoo-dev] [experiment] Sunrise try 2
maillog: 24/06/2006-09:12:59(-0400): Thomas Cort types > > What I need: > > (from proponents) > > - A list of issue sunrise wants to address (each point 2 lines at most) > > - How it will be implemented > > (from critics) > > - What is wrong with the model (each point 2 lines at least, 4 at most) > > - What you'd do as alternative as the criticized point ( 2 lines again) > > Before people start replying, they should make sure they are familiar > with the updated model/policies (read: they've changed since the > original discussion on -dev). The new stuff is available at: > http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/SunriseFaq and > http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/HowToCommit :)) http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/SunriseFaq#WhyshouldthisbeonofficialGentoohardware -- () Georgi Georgiev () If life gives you lemons, make lemonade. () ()[EMAIL PROTECTED]()() () http://www.gg3.net/ ()() pgp3WNs4R4PUg.pgp Description: PGP signature
Re: [gentoo-dev] [experiment] Sunrise try 2
On Sat, 24 Jun 2006 15:36:23 +0200 Luca Barbato <[EMAIL PROTECTED]> wrote: > It isn't in the format useful for a discussion point by point, genstef > is converting it, I hope. Yes, this is true. I was just pointing out that things have changed since the original proposal and that before people begin bringing up their points, they should check to see if the issues have already been addressed. -Thomas pgphydpPSsqFo.pgp Description: PGP signature
Re: [gentoo-dev] [experiment] Sunrise try 2
Thomas Cort wrote: > > Before people start replying, they should make sure they are familiar > with the updated model/policies (read: they've changed since the > original discussion on -dev). The new stuff is available at: > http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/SunriseFaq and > http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/HowToCommit It isn't in the format useful for a discussion point by point, genstef is converting it, I hope. lu -- Luca Barbato Gentoo/linux Gentoo/PPC http://dev.gentoo.org/~lu_zero -- gentoo-dev@gentoo.org mailing list
Re: [gentoo-dev] [experiment] Sunrise try 2
> What I need: > (from proponents) > - A list of issue sunrise wants to address (each point 2 lines at most) > - How it will be implemented > (from critics) > - What is wrong with the model (each point 2 lines at least, 4 at most) > - What you'd do as alternative as the criticized point ( 2 lines again) Before people start replying, they should make sure they are familiar with the updated model/policies (read: they've changed since the original discussion on -dev). The new stuff is available at: http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/SunriseFaq and http://gentoo-sunrise.org/cgi-bin/trac.cgi/wiki/HowToCommit pgpdZ34r8hJ2R.pgp Description: PGP signature
[gentoo-dev] [experiment] Sunrise try 2
I'm just trying to start again just to have it as example on how to be productive and critical at the same time. What I need: (from proponents) - A list of issue sunrise wants to address (each point 2 lines at most) - How it will be implemented (from critics) - What is wrong with the model (each point 2 lines at least, 4 at most) - What you'd do as alternative as the criticized point ( 2 lines again) That is just an experiment to see if we can have a thread producing a result w/out too much discussion overhead. who is going to play with me this game? =) lu -- Luca Barbato Gentoo/linux Gentoo/PPC http://dev.gentoo.org/~lu_zero -- gentoo-dev@gentoo.org mailing list
