[Proposal] Ring-based Packaging Policies

Ken Dreyer ktdreyer at ktdreyer.com
Sat Feb 14 00:45:23 UTC 2015 

On Fri, Feb 13, 2015 at 6:06 AM, Michael Schwendt <mschwendt at gmail.com> wrote:
> On Thu, 12 Feb 2015 16:49:13 -0500, Stephen Gallagher wrote:
>> Ultimately, it's about one thing: Help get more software into Fedora
>> without scaring people away.
>
> What is the background for this? Who has been scared away?

Here's one review where the submitter worked very hard to jump through
all the hoops until it came to the FPC bundling exception process.
It's my opinion that Carlos would be a Fedora package maintainer today
if that FPC process hadn't taken so long.
https://bugzilla.redhat.com/682544

In IRC, I've seen other users abandon ship earlier, once the
prospective developers are told that their goal of packaging X in
Fedora or EPEL would require doing some work to unbundle some library.
It's hardly a theoretical problem. I have no idea of the scope, of
course, but it does happen.

For myself, I believe in unbundling libraries, and I believe Linux
distros like Fedora and Debian contribute a great deal to the health
of the overall FOSS ecosystem. Certain upstream developers enjoy
lambasting distributions regarding bundling policies, and I wish these
same developers could step back and acknowledge how many patches and
improvements have also come upstream as a result of the distros' work
(unbundling work included).

Matt, you mentioned in another email in this thread that upstreams
don't care about the messages that we send. I agree that some
upstreams don't care about certain classes of problems, but they do
care about others. For example, XBMC hates that we've unbundled
ffmpeg, but on the other hand, they're quite happy to take our patches
to fix format-string bugs that Fedora's GCC defaults bring to light.
Things are not all rosy, but they're not all bleak, either.

Here's the new policy that I would vote for:

1) We allow bundled libraries, and each bundled library MUST have a
   virtual Provides: bundled(foo) in the RPM spec. (The packager SHOULD
   provide a version number too, with the admission that it is sometimes
   difficult to get this number correct.)

2) If another packager comes up with a patch to unbundle the library and files
   the patch in Bugzilla, then the package maintainer MUST take the
   patch.

3) If the package maintainer disagrees with the patch for whatever reason
   (maybe it's a feature regression, or whatever), they MUST bring it to
   the FPC for arbitration. The FPC must take into account the loss of
   functionality that unbundling could imply.

This revised policy would lower the barrier to entry for newcomers,
and still leave room for more advanced contributors to do the work if
they desired to do so.

- Ken

More information about the devel mailing list