Hello everyone, My name is Maxim Baz, and with Morten Linderud (Foxboron) as my sponsor (who I was referred to by Alad Wenter) I'm applying to become a Trusted User. According to the git history of my dotfiles, I've been using Linux for around 3 years and Arch Linux for around 2 years. I'm quite active open-source contributor, especially on Github as you can see on my profile page [1]. Some of my currently favorite projects where I both contribute code and participate in discussions are: browserpass, wire-desktop, kitty, kakoune, spaceship-prompt, and undoubtedly aurutils. I also once submitted a small patch [2] to pacman-contrib that got merged. During the day I work at Microsoft, where I am also using Arch Linux and building software that runs on Linux in production. In my mind, packaging is one of the best ways to do good for Arch Linux community. Luckily there are tools that make this easy: I use Alad's aurutils and always build in chroot, fixing broken PKGBUILDs on the fly and sharing my fixes with package maintainers on AUR; to manage my own AUR packages [3] (except for the very few) I now use aurpublish tool by Eli Schwartz. Maintaining 'chromium-vaapi' in particular showed me how important it is to keep a valid up-to-date PKGBUILD for a tool that many people rely on every day, as well as how useful it is to provide precompiled binaries for apps that require lots of time and/or resources to compile — this is how my package 'chromium-vaapi-bin' was born. One aspect of packaging that always interested me is security and trust. Firstly, I have recently stumbled upon the idea of "reproducible builds" and I love it, Eli Schwartz and Morten Linderud briefly introduced me to the current efforts and I'm planning to get more involved in this area. In particular, I'm interested in the user-facing side of things, figuring out how to integrate this with pacman and how to let regular users benefit from reproducible builds the most. Also, as a TU I want to help finishing TODO "BUILDINFO rebuild" [4] if it's not completed earlier. Secondly, to maintain people's trust in Trusted Users we should never use http to fetch sources unless a verification method (such as a gpg signature) is also available, that's why I also want to help burning down a corresponding TODO "Use gpg signatures and https sources" [5]. Another thing I would do as TU is I would like to maintain and co-maintain packages for some Language Servers (if the current maintainers don't object). Language Server Protocol is a very cool concept (designed by Microsoft :P), it defines a protocol used between programming languages and editors to add features like autocomplete, go to definitions, code formatting and much more. Language servers themselves are being developed by community and are already supported by many editors like vim, neovim and kakoune. I am planning to start with the following packages: - bash-language-server: already in [community], I'd like to co-maintain it - python-language-server and python-jsonrpc-server: already in [community], I'd like to co-maintain them - go-langserver: the most feature-rich language server at the moment, to bring it to [community] I started the discussion with the upstream maintainers about tagging releases - kak-lsp: de-facto official plugin that adds LSP support for kakoune editor. I would also like to move some AUR packages to [community], in particular these ones have good amount of votes and in my mind deserve to be promoted to [community]: - wire-desktop (76): End-to-end encrypted messaging app that works on Windows, Linux, Mac, Android and iPhone. It is free, open-source and available on Github. Although I'm co-maintaining this package on AUR, I was mostly focused on contributing to the project itself: I added proper emoji support (following the latest Unicode standard), emoji autocomplete and improved native notifications on Linux (show user pictures, set urgency hint). - browserpass (31): Browser extension for pass (unix password manager), works in Chromium and Firefox. I became the primary project maintainer about a year ago, and together with another maintainer recently started rewriting it to make the architecture accommodate users' needs. I'm planning to bring this to [community] after the new version is ready (we are aiming to release in December). Also, someone in comments on AUR gave me a cool idea to use split-packages for Chromium and Firefox browsers, I'm going to do this as well (current PKGBUILD installs browserpass for both browsers, even if these browsers are not installed). - ttf-emojione (33): Colorful emoji font from EmojiOne. I created a Docker image that is able to compile the font out of image assets, and configured a Travis job for EmojiOne team so that the font is automatically being compiled on every commit and attached to every Github release. - grub-btrfs (15): Detects and includes btrfs snapshots in GRUB menu, allowing to easily boot in any existing snapshot. I personally use grub-btrfs in combination with snap-pac and snap-pac-grub for seamless integration with snapper and pacman. - python-black (10): Python code formatter that quickly gains popularity, I see it being adopted more and more in the community of Python developers, so I want it to be available in [community] repo. - gocryptfs (18): Encrypted overlay filesystem, an alternative for encfs. For all of the above, I'm being active on their Github pages and monitoring new releases using urlwatch. Finally I would like to co-maintain some of the packages that are already in [community] if the current maintainers don't object, I use them myself and participate in their development: - kakoune - kitty - prettier - py3status - urlwatch Sometimes I flag these packages as outdated, but I could just as well bump the versions myself. The above is the bare minimum, I reserve the right to discover more cool projects to maintain and co-maintain :P Cheers, Maxim Baz 1: https://github.com/maximbaz 2: https://lists.archlinux.org/pipermail/pacman-contrib/2018-February/000079.ht... 3: https://github.com/maximbaz/pkgbuilds 4: https://www.archlinux.org/todo/buildinfo-rebuild/ 5: https://www.archlinux.org/todo/use-gpg-signatures-and-https-sources/