#fedora-meeting-1 log

16:00:20 <spot> #startmeeting Fedora Packaging Committee
16:00:20 <zodbot> Meeting started Wed Apr 25 16:00:20 2012 UTC.  The chair is spot. Information about MeetBot at http://wiki.debian.org/MeetBot.
16:00:20 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
16:00:24 <spot> #meetingname fpc
16:00:24 <zodbot> The meeting name has been set to 'fpc'
16:00:31 <spot> #topic Roll Call
16:00:56 <tibbs|h> Howdy.
16:01:15 * abadger1999 here
16:01:25 <spot> limburgher, rdieter_work, SmootherFrOgZ: ping
16:02:10 * limburgher here, distracted. :(
16:02:28 <Rombobeorn> Hi! Could somebody add Packaging:Ada to the Packaging guidelines category?
16:03:03 <rdieter_work> here
16:03:15 <abadger1999> Rombobeorn: I'll do the present Guidelines right now
16:03:15 <spot> Rombobeorn: oh, you mean the big list at the bottom?
16:03:32 <abadger1999> [[Category: Packaging guidelines]]
16:03:41 <spot> oh.
16:03:54 * SmootherFrOgZ here
16:04:25 <spot> geppetto: here?
16:04:28 <geppetto> yeh
16:04:40 <geppetto> current meeting is overrunning … but here
16:04:43 <spot> okay, so we have quorum easily
16:05:05 <spot> #topic Bundled library exception - allow calibre to bundle pyPdf? - https://fedorahosted.org/fpc/ticket/167
16:05:28 * nirik waves. I'm here to answer any questions I can
16:06:35 <limburgher> It looks like more or less a fork of the upstream, and more maintained than upstream.  Am I reading that right?
16:06:40 <spot> this seems to be roughly identical to the qcodeedit case.
16:06:42 <Rombobeorn> I see the category now. Thank you, abadger1999!
16:06:50 <nirik> limburgher: yeah, pretty much.
16:06:54 <geppetto> limburgher: yeh, that's how it read to me too
16:06:59 <nirik> heavily mutated for their own needs.
16:07:06 <tibbs|h> This seems reasonable.
16:07:13 <abadger1999> nirik: Is "upstream is trying to move away from this library to their own custom one" part and parcel to "There is a plan upstream to someday re-write the library for completely their own internal use from the ground up, but it's not been a priority. " ?
16:07:17 <limburgher> In that light, I'm in reluctant favor.
16:07:47 <nirik> abadger1999: yeah, I have read of plans to replace this, but it's not happened and they don't seem to be in a hurry to.
16:07:58 <tibbs|h> I think it's a given that nobody will ever be more than reluctant when it comes to bundling.
16:07:58 <abadger1999> :-(
16:08:30 <abadger1999> The comments about upstream in relation to distros dont fill me with confidence.
16:08:44 <geppetto> tibbs|h: But from our POV it doesn't really matter if they do … it's just one set of custom "bundled" code being replaced with another
16:08:50 <nirik> upstream advises anyone who has any problem with any distro version to not use that and use their installer. ;)
16:08:56 <nirik> which bundles a lot more things. ;)
16:09:06 <geppetto> That's always nice.
16:09:43 * abadger1999 imagines "Hey, a security issue was just filed against pyPDF in Fedora, do you have a patch for your bundled version"  "<grumble grumble> you distros, always wanting us to jump to your schedules.
16:10:20 <limburgher> I imagine we'll probably be shipping security patches to them in some cases.
16:10:31 <nirik> I suspect I would have to figure out how to apply any security update for pyPdf to the fedora package. Upstream has... interesting ideas of security.
16:10:47 <nirik> they shipped for a long time a suid root mount helper...
16:10:56 <nirik> (which fedora never shipped)
16:10:59 <abadger1999> pypdf upstream not making many changes is both a blessing and a curse... means we don't have a track record for how respnsive upstream is but also means they dont have to do much work to stay abreast of the upstream pypdf's latest changes.
16:11:17 <abadger1999> :-(
16:11:32 <geppetto> Are they actually tracking it at all?
16:11:38 <abadger1999> so a distro-unfriendly upstream that also doesn't understand security...
16:11:51 <geppetto> My impression was that they'd basically forked it and never looked at upstream pypdf anymore.
16:11:51 <nirik> pyPdf also seems to have no easy contact means I could see.. .there's a project page and a git repo, but no mailing list, maintainers addresses or bug tracker
16:12:08 <nirik> geppetto: thats my understanding as well.
16:12:20 <abadger1999> but otoh, they are diverging to the point where it's becoming a fork...
16:13:02 * geppetto nods … I mean in some ways it'd be nice to signal "upstream is annoying to deal with for distro." … but that's not about bundling, or anything to do with FPC atm.
16:13:02 * spot is a reluctant +1 on this exception
16:13:08 <geppetto> So … +1
16:13:19 <limburgher> +1
16:13:29 <rdieter_work> +1
16:13:30 <tibbs|h> +1
16:13:48 <limburgher> geppetto:  Provides: upstreamissues
16:13:57 <spot> that's +5, but if anyone else wants to vote, feel free
16:14:00 <SmootherFrOgZ> +1
16:14:02 <abadger1999> -1
16:14:05 <racor> -1
16:14:28 <spot> #action Bundling exception approved (+1:6, 0:0, -1:2)
16:14:33 * abadger1999 feels this violates most/all of the rationale against bundled libraries on http://fedoraproject.org/wiki/Packaging:No_Bundled_Libraries
16:15:15 <abadger1999> nirik: If we could get a commitment from upstream to work on/timeframe for making their own internal library to do that I'd be happier... but Im not holding my breath :-)
16:15:29 <nirik> I could try and ask them/him.
16:15:32 <tibbs|h> But it seems like it is their own internal library at this point.
16:15:41 <geppetto> yeh
16:15:43 <abadger1999> <nod>  yeah
16:15:51 * abadger1999 is happy that he wasn't the deciding vote this week.
16:16:10 <tibbs|h> I mean, if they had just done a renaming we wouldn't be talking about this at all.
16:16:34 <spot> Believe it or not, that is the only item on the agenda this week
16:16:38 <spot> #topic Open Floor
16:16:51 <abadger1999> well.... if you notice that most of the code is from somewhere else we probably would still have the discussion.
16:17:08 <abadger1999> but renaming does make it so that we don't notice as easily.
16:17:50 <spot> i will leave the floor open for topics until, say, 16:20.
16:18:15 <abadger1999> I noticed that we don't have a Packaging:Guideline entry to go with our ReviewGuideline "Packages should be tested to see that they function as described"
16:18:32 <nirik> I feel bad about asking for the exception, but I'm not sure what other options are really open for me. ;(
16:18:38 <abadger1999> <nod>
16:18:39 <tibbs|h> That's not really a packaging guideline issue.
16:19:03 <limburgher> I'm with tibbs.
16:19:04 <tibbs|h> It's more along the line of whatever other distro guidelines there are around actually testing packages before you push  them.
16:19:13 <abadger1999> We do have it in the Should items: https://fedoraproject.org/wiki/Packaging:ReviewGuidelines
16:19:35 <abadger1999> SHOULD: The reviewer should test that the package functions as described. A package should not segfault instead of running, for example.
16:19:52 <spot> except for "libsegfault"
16:20:03 <abadger1999> heh
16:20:14 <tibbs|h> Sure, it's part of the review process but not really part of the packaging guidelines.
16:20:22 <tibbs|h> Obviously there's no clean distinction here.
16:20:29 <abadger1999> yeah.
16:20:58 <abadger1999> So this came up because someone started writing up something on using Xnest to test functionality.... specifically mock and Xnest.
16:20:58 <SmootherFrOgZ> well, testings package should be something normal in the process. that must be a usual step from a reviewer.
16:21:09 <tibbs|h> By the way, since it is sort of related to the review process, I have a proposal before FESCo at https://fedoraproject.org/wiki/User:Tibbs/RevitalizingSponsorshipProposal
16:21:33 <abadger1999> which  doesn't fit in with things like the unittest section but is generally useful to point packagers and reviewers to.
16:21:44 <tibbs|h> I'm going to send that to devel@ for discussion later today.
16:21:58 <spot> tibbs|h: seems sane on a first read
16:23:22 <abadger1999> Looks good to me
16:23:41 <tibbs|h> back on the testing thread, it would seem to be a sad day if we have to add a guideline that says "Your package should actually work".
16:23:46 <abadger1999> Does it require more numbers than the current guidelines?
16:24:01 <SmootherFrOgZ> tibbs|h: +1
16:24:15 <tibbs|h> abadger1999: Sorry, two things going on.  What do you mean by "more numbers"?
16:24:26 <abadger1999> tibbs|h: that was about the sponsors changes
16:25:00 <tibbs|h> RIght now we have no sponsorship guidelines at all, much less ones involving numbers.
16:25:21 <abadger1999> I guess that I was thinking of the current provenpackager policy: http://fedoraproject.org/wiki/Provenpackager_policy
16:25:32 <abadger1999> "You must get at least 3 positive votes with no negative votes. "
16:26:15 <tibbs|h> Part of my proposal is to make provenpackager entirely unrelated to sponsor.
16:26:19 <abadger1999> <nod>
16:26:48 <abadger1999> Just saw "A packager may be made a sponsor with the consent of five existing sponsors" and wondered if it changed things significantly.
16:26:56 <tibbs|h> But if you want my opinion, FESCo has been ignoring that document anyway.
16:27:17 <tibbs|h> And that "five" was probably the number I pulled deepest out of my rear.
16:27:38 <abadger1999> :-)
16:27:48 <tibbs|h> The whole document is certainly open to tuning, and I'll probably reduce that five before I post it.  Three does seem much more reasonable.
16:28:15 <abadger1999> Cool.  I just wanted to mention it since I remembered it.
16:29:11 <tibbs|h> I still need to actually provide some sort of sponsor activity report.
16:29:30 <tibbs|h> Once that's done I'll make another tuning pass and then prepare for flames.
16:29:39 <limburgher> heh. :)
16:29:42 <abadger1999> :-)
16:29:49 <tibbs|h> But so far feedback has been quite positive.
16:29:53 <abadger1999> Regarding testing... would we have a place to link to or incorporate some of this page: https://fedoraproject.org/wiki/Packaging/Testing
16:30:23 <tibbs|h> Just the one technical thing to sort out so the proposal is actually complete.
16:30:38 <tibbs|h> Which, not coincidentally, is going to require more input from abadger1999.
16:31:07 <abadger1999> tibbs|h: oh, what was the technical input you need?
16:31:27 <abadger1999> oh the sponsor-has-acls thing?
16:31:29 <tibbs|h> Got to figure out how best to give sponsors access to the sponsorees' packages.
16:31:31 <tibbs|h> Yeah.
16:31:48 <abadger1999> doable but hard.
16:31:53 <tibbs|h> And, interesting, how was a regular user able to create a page under Packaging on the wiki?
16:32:00 <abadger1999> Doing it statically is easier than doing it dynamically.
16:32:16 <tibbs|h> Right, finding the "best" way is what's at issue.
16:32:34 <abadger1999> (ie: packager becomes owner of package -- at that time, the packagedb finds out who your sponsor is and adds them as a comaintainer)
16:33:25 <abadger1999> (vs dynamic: when the acls are generated, the packagedb queries fas to find out sponsors and then adds them to the acls for the packages you own.)
16:33:36 <spot> feel free to keep chatting, but i am going to close out the meeting.
16:33:40 <spot> thanks everyone
16:33:42 <tibbs|h> spot: Feel free.
16:33:43 <spot> #endmeeting