[aur-general] TU application: Maxim Baz

[Maxim Baz]

Hello everyone,

My name is Maxim Baz, and with Morten Linderud (Foxboron) as my sponsor
(who I was referred to by Alad Wenter) I'm applying to become a Trusted User.

According to the git history of my dotfiles, I've been using Linux
for around 3 years and Arch Linux for around 2 years. I'm quite active
open-source contributor, especially on Github as you can see on my profile
page [1]. Some of my currently favorite projects where I both contribute
code and participate in discussions are: browserpass, wire-desktop, kitty,
kakoune, spaceship-prompt, and undoubtedly aurutils. I also once submitted
a small patch [2] to pacman-contrib that got merged.

During the day I work at Microsoft, where I am also using Arch Linux and
building software that runs on Linux in production.

In my mind, packaging is one of the best ways to do good for Arch Linux
community. Luckily there are tools that make this easy: I use Alad's aurutils
and always build in chroot, fixing broken PKGBUILDs on the fly and sharing
my fixes with package maintainers on AUR; to manage my own AUR packages [3]
(except for the very few) I now use aurpublish tool by Eli Schwartz.

Maintaining 'chromium-vaapi' in particular showed me how important it is to
keep a valid up-to-date PKGBUILD for a tool that many people rely on every
day, as well as how useful it is to provide precompiled binaries for apps
that require lots of time and/or resources to compile — this is how my
package 'chromium-vaapi-bin' was born.

One aspect of packaging that always interested me is security and
trust. Firstly, I have recently stumbled upon the idea of "reproducible builds"
and I love it, Eli Schwartz and Morten Linderud briefly introduced me to
the current efforts and I'm planning to get more involved in this area. In
particular, I'm interested in the user-facing side of things, figuring out
how to integrate this with pacman and how to let regular users benefit from
reproducible builds the most. Also, as a TU I want to help finishing TODO
"BUILDINFO rebuild" [4] if it's not completed earlier. Secondly, to maintain
people's trust in Trusted Users we should never use http to fetch sources
unless a verification method (such as a gpg signature) is also available,
that's why I also want to help burning down a corresponding TODO "Use gpg
signatures and https sources" [5].

Another thing I would do as TU is I would like to maintain and co-maintain
packages for some Language Servers (if the current maintainers don't
object). Language Server Protocol is a very cool concept (designed by
Microsoft :P), it defines a protocol used between programming languages
and editors to add features like autocomplete, go to definitions,
code formatting and much more. Language servers themselves are being developed
by community and are already supported by many editors like vim, neovim
and kakoune. I am planning to start with the following packages:

- bash-language-server: already in [community], I'd like to co-maintain it

- python-language-server and python-jsonrpc-server: already in [community],
I'd like to co-maintain them

- go-langserver: the most feature-rich language server at the moment,
to bring it to [community] I started the discussion with the upstream
maintainers about tagging releases

- kak-lsp: de-facto official plugin that adds LSP support for kakoune editor.

I would also like to move some AUR packages to [community], in particular
these ones have good amount of votes and in my mind deserve to be promoted to
[community]:

- wire-desktop (76): End-to-end encrypted messaging app that works on Windows,
Linux, Mac, Android and iPhone. It is free, open-source and available
on Github. Although I'm co-maintaining this package on AUR, I was mostly
focused on contributing to the project itself: I added proper emoji support
(following the latest Unicode standard), emoji autocomplete and improved
native notifications on Linux (show user pictures, set urgency hint).

- browserpass (31): Browser extension for pass (unix password manager),
works in Chromium and Firefox. I became the primary project maintainer about
a year ago, and together with another maintainer recently started rewriting
it to make the architecture accommodate users' needs. I'm planning to bring
this to [community] after the new version is ready (we are aiming to release
in December). Also, someone in comments on AUR gave me a cool idea to use
split-packages for Chromium and Firefox browsers, I'm going to do this as
well (current PKGBUILD installs browserpass for both browsers, even if these
browsers are not installed).

- ttf-emojione (33): Colorful emoji font from EmojiOne. I created a Docker
image that is able to compile the font out of image assets, and configured a
Travis job for EmojiOne team so that the font is automatically being compiled
on every commit and attached to every Github release.

- grub-btrfs (15): Detects and includes btrfs snapshots in GRUB menu, allowing
to easily boot in any existing snapshot. I personally use grub-btrfs in
combination with snap-pac and snap-pac-grub for seamless integration with
snapper and pacman.

- python-black (10): Python code formatter that quickly gains popularity,
I see it being adopted more and more in the community of Python developers,
so I want it to be available in [community] repo.

- gocryptfs (18): Encrypted overlay filesystem, an alternative for encfs.

For all of the above, I'm being active on their Github pages and monitoring
new releases using urlwatch.

Finally I would like to co-maintain some of the packages that are already in
[community] if the current maintainers don't object, I use them myself and
participate in their development:

- kakoune
- kitty
- prettier
- py3status
- urlwatch

Sometimes I flag these packages as outdated, but I could just as well bump
the versions myself.


The above is the bare minimum, I reserve the right to discover more cool
projects to maintain and co-maintain :P


Cheers,
Maxim Baz


1: https://github.com/maximbaz
2: https://lists.archlinux.org/pipermail/pacman-contrib/2018-February/000079.html
3: https://github.com/maximbaz/pkgbuilds
4: https://www.archlinux.org/todo/buildinfo-rebuild/
5: https://www.archlinux.org/todo/use-gpg-signatures-and-https-sources/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20181029/f231dc3b/attachment.asc>