On Mon, Nov 7, 2022 at 6:16 PM Sam James <s...@gentoo.org> wrote: > > > On 7 Nov 2022, at 06:07, Oskari Pirhonen <xxc3ncore...@gmail.com> wrote: > > > > On Sun, Nov 06, 2022 at 11:37:24 +0100, Piotr Karbowski wrote: > >> I would be in favour of stepping up the social contract and actually > >> prohibiting this kind of things, we had that before too, the nattka you > >> mgorny wrote is replacement for old bugzilla bot that was ... > >> closedsource and perished, though nattka now have way more features than > >> the old thing ever had. > > > > As a user, I think it would be really cool if there was a requirement > > that all infra and infra-adjacent stuff was free software. > > > > I feel like I've read that Debian already has something like this. While > > doing some quick searches I didn't find a full-on requirement, but all > > their infra bits I did find were powered by free software. The most > > relevant ones being buildd [1] and debci [2]. Additionally, the debci > > docs has inctructions on reproducing tests yourself [3] which is a nice > > extra IMO. > > Gentoo has https://www.gentoo.org/get-started/philosophy/social-contract.html.
I feel like something like a dev-run tinderbox is a bit out of the scope of that. Suppose I file a bug against a package, pointing out some issue in it. How do you know I didn't use some proprietary static code analysis tool to discover that error? Does it even really matter? The bug speaks for itself. It is like worrying about whether somebody who filed a bug was running Windows or another proprietary OS or browser on their desktop. Well, a tinderbox is just an automated process for doing just that. We don't require any dev to use a proprietary tinderbox before committing. It is something that individual devs choose to use for themselves, automating the testing workflow and possibly the submission of bugs. I think the key is something that was brought up earlier in the thread: is this causing problems? If somebody is running some tool against the repository and automatically filing bugs, and those bugs are not useful/actionable and waste the time of volunteers, then that is a problem. Proprietary tools do contribute to this since they can generate results that are harder to reproduce, but if they are clear and accurate and actionable it could still be a net-positive. Of course if somebody wants to contribute to 100% FOSS tinderbox efforts that would be even better. Perhaps if our 100% FOSS tinderbox efforts addressed our needs very well, then nobody would want to bother with the proprietary reports, or generating them. IMO it would be better to create the FOSS solution before abandoning the proprietary one. Doing otherwise is basically burning bridges - it can be motivating in a sense but not really ideal. I'd love to have a 100% FOSS solution around all of this, but I appreciate what has been created and can hardly criticize volunteers for failing to make it happen, especially since I haven't contributed to that myself. -- Rich
