On Sat, Aug 1, 2009 at 9:27 PM, Heiko Baums email@example.com wrote:
Well, I'm not a TU, and can't vote, but keep in mind, what a TU is, what TU means and what a TU's task is.
I don't want to offend Laszlo, and I'm probably doing him wrong.
I guess you TUs know this anyway, but let me say it anyhow.
Trusted User doesn't mean, he likes Arch Linux - I like it, too -, he likes to contribute to Arch Linux and to the community. Trusted User means, that this user is completely trustworthy and that this user can be completely trusted especially in security-related stuff. There are so many doubts about Laszlo, that I don't think, that he is really trustworthy. I, too, have my doubts about it. And keep in mind, that not only other TUs but also every other normal user must trust a TU.
I've tried to clean some doubts, you can read back. I think it's normal in the descussion period, if something is not clear, we speak about it. Feel free to ask me, if you have got doubts.
The task of a TU is not to maintain a few - maybe 300 - packages in AUR. This can do every user. Writing documentations in the Wiki can also be done by every normal user. And every normal user can help other people in the forums.
Btw., I don't know, why someone needs to maintain or at least contribute 300 packages in or to AUR. Most of them - except of about 2 or 3 - are vim plugins anyway. I only maintain a few packages I need myself, so that I can test them, before I upload them to AUR. I don't think, that I could do it with 300 packages.
I can't do it with 300 packages really, I discussed it. I've done the reassessment. Well I accept the opinion from Xyne, It's not a bad thing to contribute packages, even if the user will disown that, because somebody can continue to maintain it, and you can reach those now too from AUR.
The task of a TU is especially maintaining and compiling packages in the community binary repository and to do administrative and security related stuff in the AUR like orphaning packages etc. A TU needs to be able to write working and trustworthy PKGBUILDs, and a TU needs some more than only basic scripting skills, because some applications need PKGBUILDs which are not quite trivial, the people - every Arch Linux user - rely on and trust the binary repositories in terms of security and stability. I don't see this with Laszlo.
Particularly see the symlink thing in his PKGBUILD for the library. If he was a Gentoo user for more than a year - I was one for about 6 years -, he should know, that a library doesn't have to be symlinked to keep or get reverse dependencies compatible to updated libraries. See revdep-rebuild, which every Gentoo user knows only too well. Symlinking a library can only be a quick and dirty workaround locally on one PC until the reverse depedency is rebuilt or fixed. If such a symlink is needed by another package, than he should file a feature request to upstream. So this shows me, that Laszlo doesn't have enough scripting and packaging skills, at least not enough to be able to build and maintain packages in a semi-official binary repository, which every user trusts.
You can ask Corrado/bardo in this matter, I've worked with him together on gcc-avr packages, and it wasn't quite trivial/simple to keep it in updated format. We worked on it more days. I adopted some unclean packages that lasted me so much hours to fix, because they weren't so trivial for me. E.g. packages with kde3/kde4/qt3/qt4 compatibility problem, or cross-compiling packages with cross-toolchain. Yeah I've used revdep-rebuild while sleeping or working on other machine, because it was a long operation by me ;)
I also read his comment in the forums, which Xyne posted here.
Well the "Welcome to the forum" can be seen friendly. But then he writes "We must realize whether...", and just repeats, what Allan has already written. For me it sounds as he feels like already being a developer, or that he wants to presume to be one. I don't know Laszlo's intention, and I can do him wrong, but somehow it looks like craving for recognition, there are at least doubts.
So I don't know, if I could trust him enough.
Okay, in this concrete example it wasn't sure for me he uses a good mirror, it could cause the issue too, that was my plus idea. I don't feel really that, I'm a developer. I don't like Role-playing game :)
I'd suggest, not to make him a TU. I think there are enough things, he can do for Arch Linux and the community without being a TU. If he will prove beyond doubt in the future, that his attitude is good, his scripting and packaging skills are even better, and he is really trustworthy, then this can be discussed again and it can be voted again about making him a TU, but not too early. I think, there's no hurry.
Thank you the reply.
Best Regards, Laszlo Papp