Jerry James wrote:
a. Last fall, a provenpackager updated a package for which I am the
primary point of contact (as well as the original submitter). The
update was to an upstream alpha release. It was alpha for a reason.
The release is super buggy. I had not updated to it on purpose. A
provenpackager strolled by, updated to the buggy release, then
strolled away. Guess who has been getting the bug reports? Not the
person who did the update, the person who did not even bother
contacting the primary point of contact to see if updating was okay.
Looking at:
https://admin.fedoraproject.org/accounts/user/view/jjames
https://fedoraproject.org/wiki/User:Jjames
I see no IRC contact info at all. And you're surprised that people did not
try to contact you?
Really, it is not realistic to expect people who need to urgently fix
something to write up a polite e-mail and wait possibly days for you to
reply (especially if you then answer that you don't want the change and more
days are wasted going back and forth arguing for why the change is needed).
Either you are reachable quickly through real-time communication (which
effectively means IRC in the Free Software world) or you will just not be
asked.
I always curse when I try to contact a packager and see either no IRC
contact info, or an IRC nick that is clearly not in active use (last seen
weeks ago).
b. Just last week, another provenpackager dropped two patches into a
package for which I am the primary point of contact (as well, again,
as the original submitter). One patch only has effect on non-Linux
systems, so adding it was pointless. I don't even have any idea what
the other patch does. It changes stuff, I can see that, but why? The
person who did this did not add any comments to the PatchN: lines in
the spec file, so I don't know if they have been submitted upstream,
are from upstream, or what. Here, again, the provenpackager made *no*
attempt at all to contact the primary point of contact.
Patch comments are also overrated. Often, the patch name already clearly
says what the patch does. (E.g., guess what
kdelibs-3.5.10-CVE-2015-7543.patch is for. :-) That said, I always try to
add at least 1 line of comments for patches, even in my own packages; the
particular patch I cited here actually has a 4-line comment.)
Kevin Kofler