Hi,

Even though +1 for DEP-18 basically, I think that it might be better to add
an option to formalize the package owner's (single person maintainer)
collaboration policy, especially about non-team maintained packages under
https://salsa.debian.org/debian/.

If such a package repository enables the merge request feature, then I will
send a merge request and send an e-mail to bugs.d.o with the URL of the MR
to notify about it.
But it is not true that such an MR is merged in a timely manner.
(Surely collaboration takes a longer time, I know.)

If the package owner expresses a collaboration policy in advance, it can
improve such a situation in a particular case and we can respect it.

NOTE: The following idea might be out of scope for DEP-18, but it is a
specific use case to improve collaboration in Debian, IMHO.

Here is just an idea: put collaboration policy metadata in debian/control.
(The following idea assumes that non-maintainer DDs tend to hesitate to
commit/merge.)

* Collaboration-Policy: debian/CONTRIBUTION.md
  Yes, we have README.source already, but it might be better to note it in
  a separate file about collaboration.
* Collaboration-Policy-Commit: yes
  It declares that the package owner encourages non-maintainer DDs to
  commit directly without a merge request.
* Collaboration-Policy-Merge: yes
  It declares that the package owner encourages non-maintainer DDs to
  allow merge requests.
  (A DD has maintainer rights on salsa.d.o by default as you know, but you
  can merge without worry if it is there.)
* Collaboration-Policy-LowThresholdNmu: yes
  It declares that the LowThresholdNmu rule [1] is applied.
* Collaboration-Policy-NMU-Delay: 15
  It declares the NMU delay that the package owner wants.

[1] https://wiki.debian.org/LowThresholdNmu

Pros:
* DD/DM and contributors can respect the package owner's intent about the
  package collaboration.
* Reduces the chance of causing inconsistency between the content of each
  package repository on salsa.d.o and the NMU'ed package source.
  * Because other DDs (non package owners) can commit/merge, then ship the
    NMU package.

Cons:
* Maintainers will be bothered to add that new field to every package.
  (If there is no Collaboration-Policy, it is safe to send a merge request
  and leave it to the package manager, thus nothing changes.)
* No mechanism to enforce a Collaboration-Policy-Commit: no or
  Collaboration-Policy-Merge: no policy, because a DD has maintainer rights
  on salsa.d.o and can commit/merge in reality.

This might be worrying too much, but it might be able to block an
unfortunate accident, a so-called package hijack with incomplete
communication, in some cases.

Regards,

On Sun, Jul 28, 2024 at 7:39, Otto Kekäläinen <o...@debian.org> wrote:
>
> Hi all,
>
> I have drafted a new DEP at 
> https://salsa.debian.org/dep-team/deps/-/merge_requests/8 titled "DEP-18: 
> Enable true open collaboration on all Debian packages".
>
> Direct link to raw text: 
> https://salsa.debian.org/dep-team/deps/-/raw/798bfa5a1e1609afd4e48ee20aff80a82bcd4a2f/web/deps/dep18.mdwn
>
> This would have been a great topic to discuss in person at DebConf, but 
> unfortunately I can't attend this year, so I'll just kick this off on the 
> mailing list.
>
> This is a continuation of the 'single maintainership' discussions earlier
> this year. I also think that more unified and open collaboration processes
> could help decrease maintainer burnout, lower the barrier for existing and
> new maintainers to help with multiple packages, and overall perhaps also
> improve the quality of uploads by having more attention on the source code
> prior to upload.
>
> If you think this proposal makes sense, please press the thumbs up button.
>
> If you have comments, please share them here or on the draft itself.
>
> Thanks,
>
> Otto
>


-- 
Kentaro Hayashi <ken...@gmail.com>
