18:00:26 <geppetto> #startmeeting fpc
18:00:26 <zodbot> Meeting started Wed Nov 29 18:00:26 2017 UTC.  The chair is geppetto. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:00:26 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
18:00:26 <zodbot> The meeting name has been set to 'fpc'
18:00:26 <geppetto> #meetingname fpc
18:00:26 <zodbot> The meeting name has been set to 'fpc'
18:00:27 <geppetto> #topic Roll Call
18:00:34 <tibbs> Howdy.
18:00:36 * limburgher here
18:00:40 <geppetto> #chair tibbs
18:00:40 <zodbot> Current chairs: geppetto tibbs
18:00:43 <orionp> hello
18:00:46 <geppetto> #chair limburgher
18:00:46 <zodbot> Current chairs: geppetto limburgher tibbs
18:00:52 <geppetto> #chair orionp
18:00:52 <zodbot> Current chairs: geppetto limburgher orionp tibbs
18:00:57 <geppetto> Hey ppl
18:02:31 <geppetto> #chair tomspur
18:02:31 <zodbot> Current chairs: geppetto limburgher orionp tibbs tomspur
18:02:40 <tomspur> Hi
18:03:13 <geppetto> Hey
18:05:31 <tibbs> Another stupidly busy day for me here.
18:05:44 <limburgher> Is me.
18:05:55 <geppetto> ok
18:06:41 <geppetto> #topic Schedule
18:06:43 <geppetto> https://lists.fedoraproject.org/archives/list/packaging@lists.fedoraproject.org/message/6IGVASP6DMJVUJ2HNZAFQPVWURIGZ67J/
18:07:04 <geppetto> #topic #720 Easy way of changing/removing shebangs
18:07:11 <geppetto> .fpc 720
18:07:12 <zodbot> geppetto: Issue #720: Easy way of changing/removing shebangs - packaging-committee - Pagure - https://pagure.io/packaging-committee/issue/720
18:07:43 <tibbs> I don't think there was any movement here.
18:07:48 <limburgher> There must be an afghan on this ticket.
18:07:57 <limburgher> Because I don't feel a draft.
18:07:58 <geppetto> Huh, yeh, no idea why it made it to the schedule as new :(
18:08:02 <tibbs> We were hoping for a draft, but also I know some things were submitted upstream.
18:08:29 <tibbs> As in he was trying to get a post-install shebang fixer script into rpm upstream.
18:08:38 <geppetto> #topic #726 Review for SELinux Independent Policy packaging Draft
18:08:42 <tibbs> Then Fedora could just turn it on.
18:08:43 <geppetto> .fpc 726
18:08:44 <zodbot> geppetto: Issue #726: Review for SELinux Independent Policy packaging Draft - packaging-committee - Pagure - https://pagure.io/packaging-committee/issue/726
18:08:59 <tibbs> Lots of movement here.
18:09:26 <tibbs> But it's still not something we could use.
18:09:49 <limburgher> avc: denied
18:09:58 <tibbs> So I need to go back through and extract the things from the updated document which could actually be used as a guideline.
18:10:17 <geppetto> So the guidelines updated weren't updated enough?
18:10:56 <tibbs> Well it still has all of the other stuff.  Like how to set up your own github repository to hold your policy.
18:11:54 <geppetto> Ok, do we want to info anything for them?
18:12:29 <geppetto> So we can prod it in the right direction … obviously lots of holidays around now, so might be no movement anyway
18:12:33 <tibbs> I don't think we need anything directly; they've been tweaking stuff that is related to what we want, but I think it's going to fall to us to turn that into a set of guidelines.
18:13:00 <tibbs> There are some related things we can decide on.
18:13:34 <tibbs> For example, do policies for Fedora packages need to have actual separate upstreams?
18:13:55 <limburgher> I wouldn't think so.
18:14:04 <tibbs> Or can I just put the two or three files I need in with my package?
18:14:15 <limburgher> It would also remove the need to suggest a non-free service in the guidelines.
18:14:22 <tibbs> Because the document we have assumes that you can't do that.
18:14:28 <limburgher> tibbs, ^^ THAT
18:15:04 <tibbs> We shouldn't be recommending any service; if the urge is there then the document has probably strayed outside of what should actually be in the guidelines.
18:15:12 <limburgher> Exactly.
18:15:48 <geppetto> #info Shouldn't be recommending external services.
18:15:59 <tibbs> I probably won't have time to do this properly, but maybe I can sketch an outline of what I think it should look like.
18:16:48 <geppetto> that would probably help
18:17:04 <geppetto> but you are busy and I can't see much happening for the next month anyway
18:17:32 <geppetto> On a related note to that, I won't be here next week.
18:19:49 <tibbs> Hmm, next week would be the 7th, right?
18:20:14 <tibbs> I will be driving to New Orleans so I guess I can't be around either.
18:21:57 * geppetto nods
18:22:01 <geppetto> #topic Open Floor
18:22:27 <geppetto> I've looked at a bunch of the other tickets on the schedule and while some could do with comments in the tickets, I don't see anything we all need to discuss in a meeting
18:22:50 <tibbs> Any opinions on the question Patrick asked?
18:23:04 <tibbs> https://pagure.io/packaging-committee/issue/729
18:23:28 <tibbs> It's the same old question that's come up since pretty much the day we started doing package reviews.
18:23:55 <tibbs> Should reviewers be required to actually provide any information of what they did, or is setting the flag enough?
18:24:01 <geppetto> I've no idea … package reviews are generally terrible and one time, I'd like them to change _A LOT_
18:24:24 <geppetto> A few I've seen have pasted random rpmlint/etc. like output.
18:24:29 <tibbs> I'd sure like them to be done via web form or something.
18:24:35 <tomspur> Hmm, I would be in favor of at least say "something reasonable" if it be only rpmlint output...
18:25:09 <tibbs> I used to spend an inordinate amount of time doing package reviews.  I realized that there was little point when most of them aren't going to be done that way.
18:25:54 * geppetto nods
18:26:18 <tibbs> At Flock, Xavier said that he had been working on an application to handle package reviews.  He was supposed to get with me about it afterwards but I certainly had any time to follow up.
18:26:30 <geppetto> wow
18:27:08 <tibbs> Before that there was Fresque, but it never went anywhere either.
18:27:25 <tibbs> https://github.com/fedora-infra/fresque
18:28:05 <tibbs> I don't know if Xavier planned to make use of the fresque stuff or not.
18:28:27 <limburgher> Dayum
18:29:08 <tibbs> I think they had an intern or GSOC student working on it.  I only learned about it at Flock in Rochester but I think by then it was already mostly dead.
18:29:31 <tibbs> Anyway, if anyone has this big pile of time....
18:29:37 <geppetto> haha
18:31:15 <tibbs> But Patrick's question was still a good one.  It's just that neither FESCo nor this committee could make a real decision.
18:31:36 <tibbs> Ten hears ago, that is.
18:31:55 * geppetto nods
18:32:30 <geppetto> Ok, going to close in a minute or so.
18:32:32 <limburgher> k.
18:32:34 <tibbs> I recall that Ralf was against any requirements on reviewers.
18:32:44 <tibbs> But I certainly wouldn't want to speak for him....
18:32:49 <limburgher> ...
18:33:22 <tomspur> I think it is hard to formulate the requirements...
18:33:25 <geppetto> I think Ralf is living in 2005 where all the reviewers were old hands.
18:33:42 <tibbs> tomspur: Yes, that's exactly it.
18:33:55 <tibbs> I wanted to mandate a form, and then have an application to generate it.
18:34:04 * geppetto nods
18:34:15 <tibbs> But really, someone could just click all of the checkboxes anyway, so in the end what to we really accomplish?
18:34:26 <limburgher> That would be lovely. Stupid-proof it to the best degree possible. Automate what can be automated.
18:34:46 <geppetto> +1
18:34:52 <limburgher> Honestly I just copy/paste and mark up Spot's checklist.
18:35:09 <limburgher> And everyone seems to assume I know what I'm doing so it's all good
18:35:15 <tomspur> :)
18:35:23 * limburgher shouldn't have said that out loud.
18:35:27 <tibbs> Better linting and gating builds on that would also be great, but all of the automation is so far from 100% that it's more annoyance than anything.
18:35:37 <limburgher> YEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEESSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS
18:35:42 <tibbs> So you just get those rpmgrill notices and then you ignore them.
18:36:33 <tibbs> My ideas were to have a place on pagure to hold in-review packages.  People worked on them.  When N packagers nominate the package for stable, it goes.
18:37:16 <limburgher> That's so crazy it might work.
18:37:26 <tibbs> I mean, I'd like to at minimum require someone to say that they looked at the license, and I'm sure the legal folks would love that, too.  But what would such a statement actually mean?  I don't want to take the blame for allowing some license or patent violation into the distro.
18:38:17 <tibbs> I can actually ask the legal list, I guess.
18:38:51 <sgallagh> tibbs: I'm not a lawyer, but I think our safe harbor protections only require that we have a policy in place for dealing with violations if they accidentally slip in (acknowledging that people make mistakes)
18:39:18 <sgallagh> To get "blamed", I think someone would have to prove intent.
18:39:36 <limburgher> Notoriously difficult.
18:39:51 <sgallagh> Again, I'm not a lawyer and this is not legal advice.
18:40:33 <limburgher> There needs to be an :IANAL:
18:41:01 <tibbs> Right, the question is what "accidentally" means.
18:41:09 <sgallagh> 🍺 ?
18:41:30 <tibbs> I don't know if the lawyers actually care if we look.
18:42:21 <tibbs> If they don't, then FPC and FESCo can decide on policy.  If they do care, then we should know what they actually want us to do.
18:42:30 <sgallagh> tibbs: I *think* that what they care about is that we at least check that the license upstream lists is acceptable. Not necessarily that we have done a legal review that the license is *correct*.
18:42:52 <tibbs> Sure, but then does someone actually have to say that they checked?
18:43:12 <tibbs> The issue is about zero-content package reviews, where someone just says "approved" and clicks the button.
18:43:40 <sgallagh> tibbs: The cynic in me wonders how that's different from most of the ones we have today...
18:44:20 <tibbs> Pretty much what's been in my head as well.
18:44:42 <tibbs> Also, vit sent a message asking if we could get back to the ruby stuff.
18:45:19 <tibbs> That's https://pagure.io/packaging-committee/issue/710
18:45:23 <geppetto> https://pagure.io/packaging-committee/issue/710 ?
18:45:28 <tibbs> I just saw his message.
18:45:29 * geppetto nods
18:46:28 <tibbs> His complaint about how we should branch the guideline ignores the reality that the people actually doing packaging don't want to have to read.... six different guideline documents (one for each of rawhide, F27, F26, F27, EL7, EL6).
18:46:43 <tibbs> I don't understand why ruby has to be so terrible with all of this.
18:46:50 <geppetto> I kind of understand his POV … but, yeh, we'd need better tools
18:47:18 <limburgher> Like the way readthedocs works, sort of.
18:47:34 <geppetto> Like maybe it'd be possible to bundle all of the packaging documents at a release and mark them as for that release
18:47:38 <tibbs> I fail to understand it.  You wait until something is "broadly usable" and then you document the exceptions.
18:47:49 <limburgher> It would default to rawhide, but be switchable to the other supported releases, so when something went EOL the Guidelines go night-night.
18:48:06 <geppetto> I think the problem is that if stuff changes a lot that can be painful.
18:48:11 <tibbs> But what good does that do people who just want to know how to package?
18:48:19 <limburgher> tibbs, Not everyone thinks Ruby is "broadly usable".
18:48:21 * limburgher ducks
18:48:29 <geppetto> limburgher: :)
18:48:35 <tibbs> You get something which works on rawhide but isn't useful on any released Fedora version.
18:48:40 <tibbs> Packagers just don't want that.
18:50:30 <geppetto> Ok, we went another 20 minutes :)
18:50:36 <geppetto> #endmeeting