submitters +1ing their own packages
Till Maas
opensource at till.name
Thu Sep 8 20:18:50 UTC 2011
On Thu, Sep 08, 2011 at 12:34:25PM -0700, Adam Williamson wrote:
> On Thu, 2011-09-08 at 20:59 +0200, Till Maas wrote:
> > On Thu, Sep 08, 2011 at 06:42:56PM +0000, "Jóhann B. Guðmundsson" wrote:
> >
> > > As in components flagged as base/core/critical might restrict the
> > > maintainer from +1 his own component and require more stricter QA
> > > oversight while components that are not flag as base/core/critical might
> > > not?
> >
> > If a +1 from a maintainer is counted for the stable update threshold
> > than the policy could just be changed to allow maintainers to push
> > updates directly to stable. Because this is what will be possible, only
> > that a lot of stupid interaction with Bodhi will be required. But it
> > would fit the current policy that does not state clearly that any update
> > submitter is allowed to push a non critpath update to stable as soon as
> > the update received at least one +1 from anyone.
>
> We're going round in circles again, as I know I've written this at least
> twice in the previous threads on the topic, but: no. What Bodhi adds to
> the process is accountability, an audit trail, and an easy way to manage
> privileges. If we keep the Bodhi thresholds but allow maintainers to +1
> their own updates, it makes it very very easy to look at a hyopthetical
> future problematic update and say 'look, you +1ed this update which was
> clearly broken, it went out, and caused pain to users: your +1
> privileges are revoked', and actually do that, without affecting other
> maintainers who are following the rules. If we just let everyone push
> straight to stable, we lose that.
It is easy to go in circles if everyone is using "+1" with a different
meaning. If you read carefully what I quoted you will notice that I
quoted a proposal to allow +1 comments only from submitters for non
critpath updates. If we use your meaning of "+1 comments from
submitters" this means that the proposal is to add an audit trail only
for non critpath updates. I am pretty sure that you do not mean this.
So your proposal is probably to allow +1 comments from submitters, but
do not use it to calculate the karma value of an update. But this is a
technical detail. Even with allowing a direct push to stable instead of
using a complex karma calculation formula you will have an audit trail
in Bodhi, because Bodhi creates a comment about this as well. And you
can as well revoke the direct-push-to-stabe direct-push-to-stabe feature
from misbehaving maintainers.
Kind regards
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20110908/478aef1f/attachment.bin
More information about the devel
mailing list