Proposing MIR process simplification

Martin Pitt martin.pitt at ubuntu.com
Mon Jan 11 09:26:02 GMT 2010 

Hey Bryce,

Bryce Harrington [2010-01-05 15:49 -0800]:
> Actually, I personally find the boilerplate text useful as a checklist
> to work through, marking items off as I do them.  I'd probably end up
> doing all the same work if we were doing them in LP vs. wiki.

Yes, the amount of review you need to do didn't change, just what you
have to write. Of course we keep the UbuntuMainInclusionRequirements
checklist, and you have to confirm that you know about it and have
checked it.

> Most of the "bureaucracy" comes not so much from having to write
> documentation (I usually just cut-and-paste from another MIR anyway),

That was the actual problem. With a few notable exceptions, MIR wiki
pages were absolutely boring, sloppy, and even wrong in many cases
(due to not having checked items and instead just copy/pasting the
report).

The intention of the checklist/report is to (hopefully) encourage the
requestor to do it before filing the MIR, and fix packages accordingly
(or think about a different strategy how to avoid crackful packages).

Of course the MIR team doesn't blindly trust the MIR reports, we check
the packaging, security history, Debian PTS and all others anyway
(sometimes we miss build dependencies, though).

So asking reporters to check the requirements themselves is just an
attempt to make the MIR processing more efficient.

(Which arguably doesn't work very well -- people keep feeling requests
for crackful stuff because "I need it now argh argh")

> My opinion is that we really ought to do this as a CGI form.  Given a
> package name (and alternate names), it should try to do as much as it
> can itself, and then prompt the user for any discrepancies or any steps
> that cannot be done programmatically.

This would certainly be nice to streamline the reporting.  it cannot
replace a human inspection, since inspecting packaging and code
quality aren't mechanically doable at all (except perhaps lintian
output, but we already have that), and even fetching the security
history is tricky because you often have to do name variations.
However, it might encourage people to just fill in the form without
looking at the actual package?

> Here's a really rough mockup of what I have in mind (type in package
> 'foo' and hit go):
>  http://www2.bryceharrington.org:8080/cgi-bin/mir.cgi

I do like the automatic availability and dependencies checks. Having
this as a script would already help quite a bit. Perhaps this could
also go to ubuntu-dev-tools.

Thanks,

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

More information about the ubuntu-devel mailing list