changing app review (voting) requirements

Allison Randal allison at ubuntu.com
Sat Nov 3 11:32:24 UTC 2012 

The three most important conclusions from the ARB sessions at UDS this
week are:

- With over 200 apps in the ARB queue (and growing), and only 3 ARB
members, we have hit the point where it's impossible for the ARB alone
to manage the queue. This isn't really a surprise, just "ah, yes, we've
reached that bridge we saw coming, time to cross it".

- It's time to start making the move to more automated publishing.
Fortunately, we've had commitments from the Foundations and Security
teams to invest resources this cycle in the tools to make automatic
sandboxing and package checks possible. (And, thanks to David Planella
and Michael Hall for all the work they've done getting those resources
allocated to us.) Automated tools won't cover all cases, and some
packages will still need to be manually reviewed, but automating as much
as possible will put the application process in a much, much better
position.

- But, developing those tools is a process, so we can't just switch
overnight. In the meantime we need to figure out how to scale manual
reviews to match the rising demand. A lot of the changes we discussed
are minor process refinements, more efficient workflows or tools that
are available now to help out with small chunks. One is a policy change,
and the ARB would appreciate input from the TB on whether this makes sense.

Currently, apps are approved by three +1s from ARB members. The ARB
would like to change this to a model that more closely matches the
Ubuntu archives, and require two reviews:

  - One technical review, made by any Ubuntu Developer. This covers
packaging, code review, security review, and any other technical details
that are the same between Extras packages and main/universe packages.)

  - One compliance review, made by an ARB member. This may cover
technical aspects of the package, but more importantly covers the
details that are unique to Extras packages. This is similar in many ways
to an archive-admin role.


Opening up app approval reviews to all Ubuntu Developers increases the
potential capacity for app reviews. Approval reviews can be a
lightweight "I have a couple hours to help this week", instead of an
intense long-term commitment. Widening the pool will also help with
scaling for bursty demand, like the App Showdown contest this summer,
where the ARB got ~150 app submissions in ~3 weeks.

When announcing this change, we'd also make it publicly known that we're
equally happy if Ubuntu Developers want to contribute by adopting apps
from the ARB queue for universe+backports or debian-mentors. (Using
their judgment picking out the apps that are substantial enough to make
sense in universe or Debian.) The idea here is that a) it's most
important to get the best apps in *somewhere*, b) the app developers
mostly only care about "getting into Ubuntu", and don't care about (or
often even know about) the significance of different archives, and c)
many Ubuntu or Debian Developers would be more motivated to help get
apps into debian-mentors/universe+backports, than into extras.


Does this policy change around manual reviews seem sensible? Any
thoughts or concerns?

Thanks,
Allison

More information about the App-review-board mailing list