Application as Trusted User - gromit
Hello everyone! My name is Chris and I am a 24 year old computer science student from Heidelberg in southern Germany. With this mail I would like to apply to become part of the Trusted User group! I am happily using arch-based systems since 2016 and Archlinux since around 2018. Generally I use Linux systems since 2012, and have even worked as linux system administrator (paid and as volunteer) which was very fun! Aside from that I am trying my best to contribute to open source projects and the overall FOSS community, so far mostly by open sourcing personal projects, modifying & extending existing projets to my liking and reporting the bugs I find. Most of this activity is taking place on GitHub[0]. In my spare time I rock climb and hike, play the drums and I am an active youth lead in my local YMCA. In the last few years I also was very active in student politics but I am now winding down this involvement since I am about to finish my studies. Sometimes I can also be found in my local chaos computer club[1] chatting with other people about computers and stuff. In general you may know me better by the nick of "gromit" in IRC tho, under which I also participate in the various other arch resources: - Since 2018 I am part of the Arch Testing team to check packages in the various testing repos - I help out on the bugtracker[2] where I can, but I also just read a lot of it to keep up to date for support requests on IRC - I have some minor contributions on Gitlab[3], mostly around devtools and mkinitcpio - I participated in the proof of concept testing for the git package migration - I maintain packages on the Arch User Repository[4] and try to help out in the AUR comments aswell - I have some minor contributions on the wiki[5] - I also comment on /r/archlinux regularily (please note that reddit usernames[6] cannot be changed once created :p) To further extend this involvement and to help the arch community I am now applying as trusted user. Here is a collection of packages from [community] that I frequently use and could therefore possibly (Co-)Maintain: - bat 1 - blueberry 1 - borgmatic 1 - bpython 0 - gopass 2 - gopass-jsonapi 1 - gum 1 - lolcat 1 - mosquitto 1 - nemo 1 - nethogs 1 - pasystray 1 - polybar 1 - rofi-emoji 1 - scrcpy 1 - sxiv 1 - tailscale 1 - terminator 1 - unp 1 - variety 1 - yamllint 1 I especially selected these packages because they currently lack maintainers (except for gopass), but I am also open to help out with other packages! Additionally I could imagine bringing the following packages to the [community] repos, should I be accepted: - https://aur.archlinux.org/packages/ly - https://aur.archlinux.org/packages/nsxiv - https://aur.archlinux.org/packages/systemd-boot-pacman-hook My sponsors are Morten Linderud (Foxboron) and Robin Candau (Antiz) which I am both very thankful for because they also guided me through the application process! Cheers, and thanks for reading until here! Christian "gromit" Heusel [0] https://github.com/christian-heusel [1] https://www.noname-ev.de/howtotreff.html [2] https://bugs.archlinux.org/user/30483 [3] https://gitlab.archlinux.org/gromit [4] https://aur.archlinux.org/account/gromit [5] https://wiki.archlinux.org/title/Special:Contributions/Gromit [6] https://www.reddit.com/user/TheEbolaDoc
Le 07/04/2023 à 10:35, Christian Heusel a écrit :
Hello everyone!
My name is Chris and I am a 24 year old computer science student from Heidelberg in southern Germany. With this mail I would like to apply to become part of the Trusted User group! Good luck Chris! My sponsors are Morten Linderud (Foxboron) and Robin Candau (Antiz) which I am both very thankful for because they also guided me through the application process! I confirm my sponsorship.
-- Regards, Robin Candau / Antiz
I confirm my sponsorship of Christian :) -- Morten Linderud PGP: 9C02FF419FECBE16
Le 07/04/2023 à 10:46, Morten Linderud a écrit :
I confirm my sponsorship of Christian :) This marks the beginning of the discussion period which will conclude in two weeks on 2023-04-21. The voting will start on the same day and conclude on 2023-04-28.
-- Regards, Robin Candau / Antiz
Le 07/04/2023 à 10:51, Robin Candau a écrit :
Le 07/04/2023 à 10:46, Morten Linderud a écrit :
I confirm my sponsorship of Christian :) This marks the beginning of the discussion period which will conclude in two weeks on 2023-04-21. The voting will start on the same day and conclude on 2023-04-28. Kind reminder that the discussion period has 1 more week left.
-- Regards, Robin Candau / Antiz
Le 14/04/2023 à 11:04, Robin Candau a écrit :
Le 07/04/2023 à 10:51, Robin Candau a écrit :
Le 07/04/2023 à 10:46, Morten Linderud a écrit :
I confirm my sponsorship of Christian :) This marks the beginning of the discussion period which will conclude in two weeks on 2023-04-21. The voting will start on the same day and conclude on 2023-04-28. Kind reminder that the discussion period has 1 more week left.
Discussion period is over and the vote is live. Please cast your votes: https://aur.archlinux.org/tu/145 -- Regards, Robin Candau / Antiz
Le 21/04/2023 à 11:26, Robin Candau a écrit :
Le 14/04/2023 à 11:04, Robin Candau a écrit :
Le 07/04/2023 à 10:51, Robin Candau a écrit :
Le 07/04/2023 à 10:46, Morten Linderud a écrit :
I confirm my sponsorship of Christian :) This marks the beginning of the discussion period which will conclude in two weeks on 2023-04-21. The voting will start on the same day and conclude on 2023-04-28. Kind reminder that the discussion period has 1 more week left.
Discussion period is over and the vote is live. Please cast your votes: https://aur.archlinux.org/tu/145
The voting period has ended. Results: Yes No Abstain Total Participation 31 2 13 46 74.19% Congratulations gromit, you are now officially accepted as TU! Please proceed with https://wiki.archlinux.org/title/AUR_Trusted_User_guidelines#TODO_list_for_n... <https://wiki.archlinux.org/title/AUR_Trusted_User_guidelines#TODO_list_for_new_Trusted_Users> I'll accompany you through the onboarding steps :) -- Regards, Robin Candau / Antiz
Hello, Just wanted to say congratulations as well :) Now you have permissions to be able to fix my issues, lucky you :P Have a good day, -- Polarian GPG signature: 0770E5312238C760 Website: https://polarian.dev JID/XMPP: polarian@polarian.dev
On 2023-04-07 10:35, Christian Heusel wrote:
Hello everyone!
Hi, Chris!
My name is Chris and I am a 24 year old computer science student from Heidelberg in southern Germany. With this mail I would like to apply to become part of the Trusted User group!
I am happily using arch-based systems since 2016 and Archlinux since around 2018. Generally I use Linux systems since 2012, and have even worked as linux system administrator (paid and as volunteer) which was very fun!
Aside from that I am trying my best to contribute to open source projects and the overall FOSS community, so far mostly by open sourcing personal projects, modifying & extending existing projets to my liking and reporting the bugs I find. Most of this activity is taking place on GitHub[0].
In my spare time I rock climb and hike, play the drums and I am an active youth lead in my local YMCA. In the last few years I also was very active in student politics but I am now winding down this involvement since I am about to finish my studies. Sometimes I can also be found in my local chaos computer club[1] chatting with other people about computers and stuff.
In general you may know me better by the nick of "gromit" in IRC tho, under which I also participate in the various other arch resources: - Since 2018 I am part of the Arch Testing team to check packages in the various testing repos - I help out on the bugtracker[2] where I can, but I also just read a lot of it to keep up to date for support requests on IRC - I have some minor contributions on Gitlab[3], mostly around devtools and mkinitcpio - I participated in the proof of concept testing for the git package migration - I maintain packages on the Arch User Repository[4] and try to help out in the AUR comments aswell - I have some minor contributions on the wiki[5] - I also comment on /r/archlinux regularily (please note that reddit usernames[6] cannot be changed once created :p)
I like the dedication to keeping packages managed rather than just bringing in a whole bunch of new packages. :) The quality of the packages is good! I like your commitment to following the wiki guidelines. I also appreciate your useful commit messages. I like that there's a TODO on one of your packages to upstream a patch: It's important to make sure all distros benefit, not just Arch! I love that you have comments telling *why* you do something out of the ordinary instead of randomly doing something with no explanation. It's worth noting that only two packages have been maintained for more than a month; The rest of your packages were adopted/created only recently! I guess if you've had good commits, good adherence, and good community engagement, there's not much else to "prove".
Hi, Chris! Hey Brett! I like the dedication to keeping packages managed rather than just bringing in a whole bunch of new packages. :) As time goes on I'll probably find some more software that could be brought to the official repos, but the status quo is pretty nice wrt the range of available packages. So far I could benefit from all the work that goes into maintaining the various repositories so I now want to take part in making all that work ... I also realized that updating software and being a packager is great fun to me during the testing for the git poc and by being an AUR
On 4/9/23 23:39, Brett Cornwall wrote: maintainer! :p
The quality of the packages is good! I like your commitment to following the wiki guidelines. I also appreciate your useful commit messages. I like that there's a TODO on one of your packages to upstream a patch: It's important to make sure all distros benefit, not just Arch! I love that you have comments telling *why* you do something out of the ordinary instead of randomly doing something with no explanation. Thank you for the overall positive feedback here! It's worth noting that only two packages have been maintained for more than a month; The rest of your packages were adopted/created only recently! I guess if you've had good commits, good adherence, and good community engagement, there's not much else to "prove".
Yes, nice catch :D I recently upped my packaging game a bit, since this part of the application would be hard to judge for y'all otherwise ... So I packaged and adopted a few packages recently, where I also tried to improve the packages and make their PKGBUILDs more clean ... If you have more feedback just lemme know! :) I hope you have a great day, Chris
Hi there, I've been talking to Christian off-list and nobody yet seemed to have posted packaging feedback so I somehow squeezed in a bit of time and gave him a couple of packaging feedback lately. Just for transparency find that list here as well: mdt-git - should use a better pkgver like the ones from the git packaging guidelines in the wiki which includes actual version numbers - needs some depends that the script is using, you should quickly look at it. f.e. findutils grep awk pawxel - you need to declare all submodule sources in the sources array, or they always get cloned freshly. take a look how "mono" does it, also note the submodule update command etc - $pkgdir needs quotes prometheus-mosquitto-exporter - you may also want to specify something like -X main.Version=${pkgver} so the binary reports the correct thing - prometheus-mosquitto-exporter.service a good start for hardening, but maybe you can borrow some more options depending on what it needs to access. things that come to my mind to look up what kind of hardening is available in the service is umurmur, caddy, tor, postgresql prometheus-mosquitto-exporter-git - better pkgver which reflects the version - same as prometheus-mosquitto-exporter molly-guard - you should pull from a https source - has some unquoted $pkgdir - printing messages in the install file on every upgrade does not sound right google-chrome-beta: google-chrome-dev - printing messages in the install file on every upgrade does not sound right mdt: - same as mdt-git: needs some depends that the script is using, you should quickly look at it. f.e. findutils grep awk kopia: - we have tests, lets use them Good luck, Cheers, Levente
On 23/04/21 01:30PM, Levente Polyak wrote:
Hi there,
Hey anthraxx!
I've been talking to Christian off-list and nobody yet seemed to have posted packaging feedback so I somehow squeezed in a bit of time and gave him a couple of packaging feedback lately. Just for transparency find that list here as well:
Thank you again for taking the time, its really appreciated! If I only knew what I unleashed on myself with that tiny little question ;) Most of your feedback I have already implemented in the PKGBUILDs, just some was not released to the AUR yet as I will wait for the next upstream release to include the changes.
pawxel - you need to declare all submodule sources in the sources array, or they always get cloned freshly. take a look how "mono" does it, also note the submodule update command etc
Thank you for that remark, somehow I missed this information when reading the article about VCS packages ... I guess I have to read until the end the next time :D https://wiki.archlinux.org/title/VCS_package_guidelines#Git_submodules
prometheus-mosquitto-exporter - you may also want to specify something like -X main.Version=${pkgver} so the binary reports the correct thing - prometheus-mosquitto-exporter.service a good start for hardening, but maybe you can borrow some more options depending on what it needs to access. things that come to my mind to look up what kind of hardening is available in the service is umurmur, caddy, tor, postgresql
Yes, I already thought about ways I could harden the systemd service but tbh that's an area which is very new to me ... To start out reasonable I just took the services of prometheus-node-exporter and modified them :p But I will definitely check that out since I find learning some systemd hardening interesting beyond the scope of packaging prometheus-mosquitto-exporter!
google-chrome-beta: google-chrome-dev - printing messages in the install file on every upgrade does not sound right
The google-chrome* packages could generally see some improvements, but I am rather conservative with regard to changes in them as their userbase is really large :D But the changes you suggested have already been implemented. General question: Is the Rule regarding custom variables and functions beginning with an underscore also applicable for .install files?
kopia: - we have tests, lets use them
Yes some of these currently seem to fail, that's why I put this change on hold while I investigate whats going wrong there. Maybe this is a bug I have to fix in packaging kopia or these are issues upstream has to figure out. https://github.com/christian-heusel/aur/pull/2
Good luck, Cheers, Levente
Thanks! Cheers, Chris
participants (6)
-
Brett Cornwall
-
Christian Heusel
-
Levente Polyak
-
Morten Linderud
-
Polarian
-
Robin Candau