[arch-dev-public] signoffs are dead
Dear all, For a while now packages in [testing] have gotten little to no signoffs and I've been moving mine to [core] after a week without feedback. I suspect many of you have been doing this too. Here's the signoff reports over the last ten days: - June 19: 0 signoffs - June 20: 6 from me, 4 from anthraxx - June 21: 0 - June 22: 5 from me - June 23: 2 from demize - June 24: 1 from me - June 25: 0 - June 26: 1 from me - June 27: 3 from me, 1 from eworm - June 28: 3 from heftig, 2 from arojas So I've decided to shorten the wait in [testing] to 48 hours. Many updates to [core] packages include security fixes and they have better move sooner rather than later. We used to be able to gather enough signoffs to move these within a day or two, and that's what I intend to do with or without signoffs. Any comment, and especially any other idea to fix this situation, is welcome. Cheers. -- Gaetan
On 2016-06-28 20:09, Gaetan Bisson wrote:
Dear all,
For a while now packages in [testing] have gotten little to no signoffs and I've been moving mine to [core] after a week without feedback. I suspect many of you have been doing this too. Here's the signoff reports over the last ten days:
- June 19: 0 signoffs - June 20: 6 from me, 4 from anthraxx - June 21: 0 - June 22: 5 from me - June 23: 2 from demize - June 24: 1 from me - June 25: 0 - June 26: 1 from me - June 27: 3 from me, 1 from eworm - June 28: 3 from heftig, 2 from arojas
So I've decided to shorten the wait in [testing] to 48 hours. Many updates to [core] packages include security fixes and they have better move sooner rather than later. We used to be able to gather enough signoffs to move these within a day or two, and that's what I intend to do with or without signoffs.
Any comment, and especially any other idea to fix this situation, is welcome.
Cheers.
I have the same problem with my packages. I usually wait a couple of days (up to week) if there is no security fixes. I guess we can just move to lazy consensus mode and assume if nobody complains, the package is fine and move it after 48-76 hours. Bartłomiej
Am 2016-06-29 20:49, schrieb Bartłomiej Piotrowski:
I guess we can just move to lazy consensus mode and assume if nobody complains, the package is fine and move it after 48-76 hours.
As pointed out on arch-general (not by me) this makes the whole signoff process useless. Maybe we should look into finding some people that want to help test stuff and give them permissions to sign off on packages? Florian
On 29/06, Florian Pritz via arch-dev-public wrote:
Am 2016-06-29 20:49, schrieb Bartłomiej Piotrowski:
I guess we can just move to lazy consensus mode and assume if nobody complains, the package is fine and move it after 48-76 hours.
As pointed out on arch-general (not by me) this makes the whole signoff process useless. Maybe we should look into finding some people that want to help test stuff and give them permissions to sign off on packages?
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off. -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective? Florian
On Fri, 2016-07-01 at 21:24 +0200, Florian Pritz via arch-dev-public wrote:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
Florian
I think it makes a lot of sense. If there are people willing to contribute in this area, it would be wise to accept the help. Testing and signoffs doesn't need to be something restricted to an inner trusted group of people. Developers could always make their own decisions based on who signs off on packages. I stopped using [testing] since my focus has increasingly on other projects (i.e. work) and I don't have time to spare on coping with more issues from upgrades. That means I'm no longer testing the packages, so I'm not able to do signoffs anymore simply based on my regular usage of the packages. Perhaps others are in a similar situation. When I was using [testing] (i.e. until recently), I often didn't sign off for packages that do get used a bit on my system because I didn't consider it thorough enough testing even if it's just supposed to be a basic smoke test to make sure it links and runs at all.
[2016-07-01 21:24:47 +0200] Florian Pritz via arch-dev-public:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
That sounds like the best idea so far. It also gives users running [testing] some kind of a purpose besides the fun of the occasional breakage. Cheers. -- Gaetan
On ven., 2016-07-01 at 17:43 -1000, Gaetan Bisson wrote:
[2016-07-01 21:24:47 +0200] Florian Pritz via arch-dev-public:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
That sounds like the best idea so far. It also gives users running [testing] some kind of a purpose besides the fun of the occasional breakage.
I think we should not promote person as developer because their main work is to test packages. This seems more "support staff" position. If we want to keep the explicit feedback, we could also open signoffs to our community. The feedbacks will be more representative as only few selected people will test their own needs. Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
On 2016-07-04 22:07, Sébastien Luttringer wrote:
On ven., 2016-07-01 at 17:43 -1000, Gaetan Bisson wrote:
[2016-07-01 21:24:47 +0200] Florian Pritz via arch-dev-public:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
That sounds like the best idea so far. It also gives users running [testing] some kind of a purpose besides the fun of the occasional breakage.
I think we should not promote person as developer because their main work is to test packages. This seems more "support staff" position.
If we want to keep the explicit feedback, we could also open signoffs to our community. The feedbacks will be more representative as only few selected people will test their own needs.
Cheers,
No one said anything about promoting such users to developers. That would be new role just with signoffs permissions. Bartłomiej
On mar., 2016-07-05 at 20:33 +0200, Bartłomiej Piotrowski wrote:
On 2016-07-04 22:07, Sébastien Luttringer wrote:
On ven., 2016-07-01 at 17:43 -1000, Gaetan Bisson wrote:
[2016-07-01 21:24:47 +0200] Florian Pritz via arch-dev-public:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
That sounds like the best idea so far. It also gives users running [testing] some kind of a purpose besides the fun of the occasional breakage.
I think we should not promote person as developer because their main work is to test packages. This seems more "support staff" position.
If we want to keep the explicit feedback, we could also open signoffs to our community. The feedbacks will be more representative as only few selected people will test their own needs.
Cheers,
No one said anything about promoting such users to developers. That would be new role just with signoffs permissions.
Ok. I misunderstood the "Do we want such tester from a dev/TU perspective?" Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
On 01/07, Florian Pritz via arch-dev-public wrote:
Am 2016-06-30 09:41, schrieb Johannes Löthberg via arch-dev-public:
That has actually come up on IRC a lot of times over the last couple years, users asking how to sign-off packages / if they can help signing-off.
I've already got 4 people willing to help, but nobody here voiced an opinion on this matter yet. Do we want such tester from a dev/TU perspective?
Just to state it outright, I'm very much in favour of the idea. -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
On 2016-06-29 21:51, Florian Pritz via arch-dev-public wrote:
Am 2016-06-29 20:49, schrieb Bartłomiej Piotrowski:
I guess we can just move to lazy consensus mode and assume if nobody complains, the package is fine and move it after 48-76 hours.
As pointed out on arch-general (not by me) this makes the whole signoff process useless. Maybe we should look into finding some people that want to help test stuff and give them permissions to sign off on packages?
Florian
I don't see how it makes signoffs useless. Instead of "works for me", I got "something is broken" message either via bug tracker or IRC/e-mail. The result is the same – the package is fixed or pulled out from testing. Bartłomiej
On 04.07.2016 06:37, Bartłomiej Piotrowski wrote:
I don't see how it makes signoffs useless. Instead of "works for me", I got "something is broken" message either via bug tracker or IRC/e-mail. The result is the same – the package is fixed or pulled out from testing.
Sure, we don't need signoffs for that. Signoff are intended to show the maintainer that people have tested their package and that it worked for them. Without a signoff all you can do is wait and if you don't hear anything that can either mean that there are no problems or that nobody had enough time to test the package yet. Signoffs thus provide the explicit positive feedback that you can't get any other way. I think explicit positive feedback is much better than implicit timeouts. I really wouldn't know how much time people need to test stuff and even if you ask them, they might just be busy, on vacation or just sick. Also as you can see, apparently the current testers (devs/TUs) don't do as much testing as they used to, but how would you know that if there were no signoffs to begin with? Florian
On 2016-07-04 07:19, Florian Pritz via arch-dev-public wrote:
On 04.07.2016 06:37, Bartłomiej Piotrowski wrote:
I don't see how it makes signoffs useless. Instead of "works for me", I got "something is broken" message either via bug tracker or IRC/e-mail. The result is the same – the package is fixed or pulled out from testing.
Sure, we don't need signoffs for that. Signoff are intended to show the maintainer that people have tested their package and that it worked for them. Without a signoff all you can do is wait and if you don't hear anything that can either mean that there are no problems or that nobody had enough time to test the package yet. Signoffs thus provide the explicit positive feedback that you can't get any other way.
I think explicit positive feedback is much better than implicit timeouts. I really wouldn't know how much time people need to test stuff and even if you ask them, they might just be busy, on vacation or just sick. Also as you can see, apparently the current testers (devs/TUs) don't do as much testing as they used to, but how would you know that if there were no signoffs to begin with?
Florian
Sure, I'm not trying to discredit the idea, I am always for bringing more people into Arch. Explicit feedback that something works is indeed better than silence. My point is, my packages rarely receive any signoffs, so I need to do smoke tests with some common scenarios anyway. If there is interest and archweb allows us for tester role, let's do it. Bartłomiej
Hi, Since there was only positive feedback to the idea of giving some users signoff permissions I went ahead and created the necessary group in archweb. I've created a test user and clicked around a bit and it looks like it works as expected so I'll now start creating accounts for testers. I've already received 4 responses to my initial mail about this so I'll start by creating accounts for those first and see if everything works as expected. If anyone else is interested in becoming a tester, feel free to send me a mail including your desired username and your full name. I'll wait for feedback from the first couple of tester before handing out more accounts though so expect some delay. Florian
On Monday, July 25, 2016 2:32:29 PM CEST Florian Pritz via arch-dev-public wrote:
I've already received 4 responses to my initial mail about this so I'll start by creating accounts for those first and see if everything works as expected.
Just a quick update: I haven't received any (negative or positive) feedback from developers so far. I've sent a mail to the testers to see if everything is fine from their point of view. If the feedback I get is positive I will start creating accounts for the other ~10 applications I've received. Florian
On 2016-08-11 11:04, Florian Pritz via arch-dev-public wrote:
On Monday, July 25, 2016 2:32:29 PM CEST Florian Pritz via arch-dev-public wrote:
I've already received 4 responses to my initial mail about this so I'll start by creating accounts for those first and see if everything works as expected.
Just a quick update:
I haven't received any (negative or positive) feedback from developers so far. I've sent a mail to the testers to see if everything is fine from their point of view. If the feedback I get is positive I will start creating accounts for the other ~10 applications I've received.
Florian
Number of signoffs is definitely higher and while I can't say anything about time needed to get a minimum of two because I've been away for past few days, I feel better moving my packages to [core] with all these new nicks in the dashboard. Bartłomiej
Florian Pritz via arch-dev-public <arch-dev-public@archlinux.org> on Thu, 2016/08/11 11:04:
On Monday, July 25, 2016 2:32:29 PM CEST Florian Pritz via arch-dev-public wrote:
I've already received 4 responses to my initial mail about this so I'll start by creating accounts for those first and see if everything works as expected.
Just a quick update:
I haven't received any (negative or positive) feedback from developers so far. I've sent a mail to the testers to see if everything is fine from their point of view. If the feedback I get is positive I will start creating accounts for the other ~10 applications I've received.
I have not received full signoffs (including i686) for any of my updated packages. However there were more than before... So this is the right way to go. Any chance to acquire (more) testers for i686? -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
On mar., 2016-06-28 at 08:09 -1000, Gaetan Bisson wrote:
Any comment, and especially any other idea to fix this situation, is welcome.
I do something like that too but with little more time. We can move from signoffs to "no blocker bug report" during a period go to core. Cheers, -- Sébastien "Seblu" Luttringer https://seblu.net | Twitter: @seblu42 GPG: 0x2072D77A
Gaetan Bisson <bisson@archlinux.org> on Tue, 2016/06/28 08:09:
For a while now packages in [testing] have gotten little to no signoffs and I've been moving mine to [core] after a week without feedback. I suspect many of you have been doing this too.
Yes, probably everybody does. ;) I do not run a system with [testing] enabled by default. I need my main system in production every day - stable and reliable. Packages that I really do want and/or need end up in my personal repository for testing, though. I do give spare signoffs, but that packages received real testing then. Possibly we should modify the process a bit: Expect a package to be fine when it received enough signoffs - as is. Additionally add a NACK feature that expresses something is (possibly) borked. If the package did not receive a NACK within 48 or 72 hours it is expected to be fine as well. Our bug wrangler Doug could have an eye on bugs that look critical and set NACKs for the packages. Increasing the number of people with signoff permission may help as well. How about a new user group for signoffs? -- main(a){char*c=/* Schoene Gruesse */"B?IJj;MEH" "CX:;",b;for(a/* Best regards my address: */=0;b=c[a++];) putchar(b-1/(/* Chris cc -ox -xc - && ./x */b/42*2-3)*42);}
On 02/07/16 06:18, Christian Hesse wrote:
Gaetan Bisson <bisson@archlinux.org> on Tue, 2016/06/28 08:09:
For a while now packages in [testing] have gotten little to no signoffs and I've been moving mine to [core] after a week without feedback. I suspect many of you have been doing this too.
Yes, probably everybody does. ;)
I do not run a system with [testing] enabled by default. I need my main system in production every day - stable and reliable. Packages that I really do want and/or need end up in my personal repository for testing, though. I do give spare signoffs, but that packages received real testing then.
Possibly we should modify the process a bit: Expect a package to be fine when it received enough signoffs - as is. Additionally add a NACK feature that expresses something is (possibly) borked. If the package did not receive a NACK within 48 or 72 hours it is expected to be fine as well. Our bug wrangler Doug could have an eye on bugs that look critical and set NACKs for the packages.
This sounds like the Fedora policy where packages have to surpass a certain karma level to move into the main repositories. I'm not sure who gets to vote for that though. A
participants (8)
-
Allan McRae
-
Bartłomiej Piotrowski
-
Christian Hesse
-
Daniel Micay
-
Florian Pritz
-
Gaetan Bisson
-
Johannes Löthberg
-
Sébastien Luttringer