[aur-general] Disown request: tmux-git
Please, disown package tmux-git https://aur.archlinux.org/packages.php?ID=35618 Last Updated: Sun, 29 May 2011 23:43:23 +0000 Best regards, Dmitry Korzhevin
Hi, Disowned. Thanks. -- Cordially, Alexander Rødseth Arch Linux Trusted User (xyproto on IRC, trontonic on AUR)
On Wed, Sep 12, 2012 at 4:01 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
Disowned. Thanks.
I find this a bit interesting and alarming. The OP has not shared any details about any reason or about writing emails to the maintainer, nevetheless you disowned the package without asking. May we know the reason? This process is too open if you ask me, anyone can ask here to disown any package. Now there are packages in the AUR which I trust, because I trust the maintainer, hence I don't check the PKGBUILD before every update. A git package can be changed any time without version check, but it will be compiled every day when I makepkg. So to summarise: someone asks for a disown here, gives no reasons why. You orphan it, anyone can adopt it immediately and change the package as he wants. I update the package using cower, and trust that the maintainer has not changed (I know, my mistake), so I have an altered package without my knowledge. Am I missing something?
On Wed, Sep 12, 2012 at 04:48:11PM +0200, SanskritFritz wrote:
On Wed, Sep 12, 2012 at 4:01 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
Disowned. Thanks.
I find this a bit interesting and alarming. The OP has not shared any details about any reason or about writing emails to the maintainer, nevetheless you disowned the package without asking. May we know the reason? This process is too open if you ask me, anyone can ask here to disown any package. Now there are packages in the AUR which I trust, because I trust the maintainer, hence I don't check the PKGBUILD before every update. A git package can be changed any time without version check, but it will be compiled every day when I makepkg. So to summarise: someone asks for a disown here, gives no reasons why. You orphan it, anyone can adopt it immediately and change the package as he wants. I update the package using cower, and trust that the maintainer has not changed (I know, my mistake), so I have an altered package without my knowledge. Am I missing something?
I think you're hugely overreacting. The TUs do a tremendous job of dealing with the constant onslaught of these requests. On the whole, I think they do an excellent job of auditing and doing the right thing. It's extremely rare that there's any drama or questioning of their actions. If you have evidence to the contrary occurring on this list, please feel free to correct me. That said, I think this is one _isolated_ case where perhaps the OP should have been questioned and this package not immediately disowned. dave
On 12/09/12, Dave Reisner wrote: | That said, I think this is one _isolated_ case where perhaps the OP | should have been questioned and this package not immediately disowned. You're right on both counts - it is an isolated case (given what I've seen on this list), yet OP was horribly lacking in detail. I guess you could also say, ignoring the overreaction, SanskritFritz is keeping the process honest. P.S. You're right on a third count - the TUs do a great job. -- Simon Perry (aka Pezz)
Hi, He was using his a custom git repo at: git://github.com/ThomasAdam/tmux.git Instead of the official one at: git://tmux.git.sourceforge.net/gitroot/tmux/tmux This was the main reason I disowned it so readily. Using a custom git repo does not instill trust. In addition to this, it was both flagged for a while (+1 for disowning) and being requested for being disowned here (another +1 in my book). If he had been using the official repo, or the package was named something like "tmux-funny-custom-repo-git", I would have put particular care into checking that the maintainer was indeed emailed two weeks in advance, without any reply back. Look only to previous disown requests for a confirmation that this how I normally handle things, if there is any doubt. Hope this clears things up and/or is understandable and/or is easily forgivable. PS. Thanks for the support, Dave. I think I speak for all TUs when I say that the Devs does a brilliant job as well. -- Best regards, Alexander Rødseth Arch Linux Trusted User (xyproto on IRC, trontonic on AUR)
2012/9/12 Alexander Rødseth <rodseth@gmail.com>:
Hi,
He was using his a custom git repo at: git://github.com/ThomasAdam/tmux.git Instead of the official one at: git://tmux.git.sourceforge.net/gitroot/tmux/tmux This was the main reason I disowned it so readily. Using a custom git repo does not instill trust.
Perhaps the OP, providing a link, was also implicitly referencing to the comments in the AUR page, where this circumstance (custom git repo) has been remarked by me in a comment, without any reply from the maintainer. As a merely historical remark, this package was legitimately using a custom git repo in the past because there wasn't an official git repo for tmux (tmux was using svn): it has been created a couple of weeks ago
12.09.2012 20:22, Giorgio Lando пишет:
2012/9/12 Alexander Rødseth <rodseth@gmail.com>:
Hi,
He was using his a custom git repo at: git://github.com/ThomasAdam/tmux.git Instead of the official one at: git://tmux.git.sourceforge.net/gitroot/tmux/tmux This was the main reason I disowned it so readily. Using a custom git repo does not instill trust.
Perhaps the OP, providing a link, was also implicitly referencing to the comments in the AUR page, where this circumstance (custom git repo) has been remarked by me in a comment, without any reply from the maintainer. As a merely historical remark, this package was legitimately using a custom git repo in the past because there wasn't an official git repo for tmux (tmux was using svn): it has been created a couple of weeks ago
Hello, Package was adopted and updated. Best regards, Dmitry Korzhevin
12.09.2012 20:22, Giorgio Lando пишет:
2012/9/12 Alexander Rødseth <rodseth@gmail.com>:
Hi,
He was using his a custom git repo at: git://github.com/ThomasAdam/tmux.git Instead of the official one at: git://tmux.git.sourceforge.net/gitroot/tmux/tmux This was the main reason I disowned it so readily. Using a custom git repo does not instill trust.
Perhaps the OP, providing a link, was also implicitly referencing to the comments in the AUR page, where this circumstance (custom git repo) has been remarked by me in a comment, without any reply from the maintainer. As a merely historical remark, this package was legitimately using a custom git repo in the past because there wasn't an official git repo for tmux (tmux was using svn): it has been created a couple of weeks ago
Hi, I am also active user of tmux and subscribed to tmux-users list ;) Best regards, Dmitry Korzhevin
On Wed, Sep 12, 2012 at 5:03 PM, Dave Reisner <d@falconindy.com> wrote:
On Wed, Sep 12, 2012 at 04:48:11PM +0200, SanskritFritz wrote:
On Wed, Sep 12, 2012 at 4:01 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
Disowned. Thanks.
I find this a bit interesting and alarming. The OP has not shared any details about any reason or about writing emails to the maintainer, nevetheless you disowned the package without asking. May we know the reason? This process is too open if you ask me, anyone can ask here to disown any package. Now there are packages in the AUR which I trust, because I trust the maintainer, hence I don't check the PKGBUILD before every update. A git package can be changed any time without version check, but it will be compiled every day when I makepkg. So to summarise: someone asks for a disown here, gives no reasons why. You orphan it, anyone can adopt it immediately and change the package as he wants. I update the package using cower, and trust that the maintainer has not changed (I know, my mistake), so I have an altered package without my knowledge. Am I missing something?
I think you're hugely overreacting. The TUs do a tremendous job of dealing with the constant onslaught of these requests. On the whole, I think they do an excellent job of auditing and doing the right thing. It's extremely rare that there's any drama or questioning of their actions. If you have evidence to the contrary occurring on this list, please feel free to correct me.
I definitely can't correct you, I'm subscribed for long time and never saw any problem with disown requests.
That said, I think this is one _isolated_ case where perhaps the OP should have been questioned and this package not immediately disowned.
Indeed this was an isolated case. Ok, that sounded indeed overreacting. Sorry for that. Please understand that all I saw was: "Please disown package X" - "Done". The moment it was disowned, anyone was free to adopt the package, I could have done it, it was still orphan. The thing is, I'm looking for a way to catch a maintainer change with my installed AUR packages. This is why I'm subscribed here, and this is why I constantly check the AUR packages whether the maintainer is still the same or not. I'm planning to write a script to keep track of the maintainers in the AUR packages and run it everytime I update them to get an alarm. Is there already such a script maybe? And finally I must join you in the praise of the TU's, I really was not aware of the harsh tone in my answer. So, again, sorry and Thanks TU's and Devs for your work.
Sanskritfritz, I like your idea and am actually working on an API to check for maintainer changes in a range of dates while providing as much details as possible on that change. It should be ready by the end of the day and will let you (and the mailing list) know. Kindly, Alex On Thu, Sep 13, 2012 at 3:31 AM, SanskritFritz <sanskritfritz@gmail.com>wrote:
On Wed, Sep 12, 2012 at 5:03 PM, Dave Reisner <d@falconindy.com> wrote:
On Wed, Sep 12, 2012 at 04:48:11PM +0200, SanskritFritz wrote:
On Wed, Sep 12, 2012 at 4:01 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
Disowned. Thanks.
I find this a bit interesting and alarming. The OP has not shared any details about any reason or about writing emails to the maintainer, nevetheless you disowned the package without asking. May we know the reason? This process is too open if you ask me, anyone can ask here to disown any package. Now there are packages in the AUR which I trust, because I trust the maintainer, hence I don't check the PKGBUILD before every update. A git package can be changed any time without version check, but it will be compiled every day when I makepkg. So to summarise: someone asks for a disown here, gives no reasons why. You orphan it, anyone can adopt it immediately and change the package as he wants. I update the package using cower, and trust that the maintainer has not changed (I know, my mistake), so I have an altered package without my knowledge. Am I missing something?
I think you're hugely overreacting. The TUs do a tremendous job of dealing with the constant onslaught of these requests. On the whole, I think they do an excellent job of auditing and doing the right thing. It's extremely rare that there's any drama or questioning of their actions. If you have evidence to the contrary occurring on this list, please feel free to correct me.
I definitely can't correct you, I'm subscribed for long time and never saw any problem with disown requests.
That said, I think this is one _isolated_ case where perhaps the OP should have been questioned and this package not immediately disowned.
Indeed this was an isolated case.
Ok, that sounded indeed overreacting. Sorry for that. Please understand that all I saw was: "Please disown package X" - "Done". The moment it was disowned, anyone was free to adopt the package, I could have done it, it was still orphan. The thing is, I'm looking for a way to catch a maintainer change with my installed AUR packages. This is why I'm subscribed here, and this is why I constantly check the AUR packages whether the maintainer is still the same or not. I'm planning to write a script to keep track of the maintainers in the AUR packages and run it everytime I update them to get an alarm. Is there already such a script maybe?
And finally I must join you in the praise of the TU's, I really was not aware of the harsh tone in my answer. So, again, sorry and Thanks TU's and Devs for your work.
On Thu, Sep 13, 2012 at 5:37 PM, Alex Belanger <i.caught.air@gmail.com> wrote:
Sanskritfritz,
I like your idea and am actually working on an API to check for maintainer changes in a range of dates while providing as much details as possible on that change. It should be ready by the end of the day and will let you (and the mailing list) know.
Wow, thanks, that sounds great!
2012/9/12 SanskritFritz <sanskritfritz@gmail.com>:
On Wed, Sep 12, 2012 at 4:01 PM, Alexander Rødseth <rodseth@gmail.com> wrote:
Hi,
Disowned. Thanks.
I find this a bit interesting and alarming. The OP has not shared any details about any reason or about writing emails to the maintainer, nevetheless you disowned the package without asking. May we know the reason? This process is too open if you ask me, anyone can ask here to disown any package. Now there are packages in the AUR which I trust, because I trust the maintainer, hence I don't check the PKGBUILD before every update. A git package can be changed any time without version check, but it will be compiled every day when I makepkg. So to summarise: someone asks for a disown here, gives no reasons why. You orphan it, anyone can adopt it immediately and change the package as he wants. I update the package using cower, and trust that the maintainer has not changed (I know, my mistake), so I have an altered package without my knowledge. Am I missing something?
No need for such harsh email. I don't think TUs would disown before analising some evidences, like why it is out-of-date, whether the maintainer is active or not, dates, etc. Anyway, this maintainer had only one package sent more than a year ago and did not replied for a week. It doesn't look like he is actually maintaining something.
12.09.2012 17:01, Alexander Rødseth пишет:
Hi,
Disowned. Thanks.
Thank you, Alexander! Package adopted and PKGBUILD updated. Best regards, Dmitry Korzhevin
participants (8)
-
Alex Belanger
-
Alexander Rødseth
-
Dave Reisner
-
Dmitry Korzhevin
-
Giorgio Lando
-
rafael ff1
-
SanskritFritz
-
Simon Perry