Steve Langasek <[EMAIL PROTECTED]> wrote: > There are good reasons for having the checks that we do in the NM queue; I > don't think there's anything in there that should be cut out, being a full > member of Debian does bring with it a lot of privilege and responsibility, > and the process for deciding to grant those privileges should be pretty > heavy-weight.
I disagree with the above. The *process* should be lightweight, so that work is getting done on debian instead of the NM process. The *testing* should be harsh, severe and - well - testing. Changing the NM process from the current interrogation into something more evidence- or portfolio-based is long overdue. Instead of testing that people can read and write policy, we should test that people can do key tasks. Sometimes this may be a dummy task, as not everything can be done by everybody for real, but hopefully not too often. However, I seem to recall that this is not a popular opinion yet. > The question is, is there a way we can minimize the overhead of integrating > contributions from folks who aren't (yet) DDs? Given what I see and hear > from various sponsors, the review of sponsored uploads is already a joke; > various sponsors already trust their sponsorees implicitly, so if there's > already no real review happening, are we better off dispensing with the > illusion? The sponsors who have enough time to make such silly claims should be spending more time checking their sponsorees packages! I wonder if some of them are sponsoring because they think NM is needlessly slow, rather than because they want to do a proper education/mentoring task. Sponsoring is probably something that needs more guidance. Each sponsor has their own habits and there's little to say what's the best. Personally, I think the sponsor should appear in Uploaders @debian.org to be obvious if it goes wrong, but I think others disagreed last time I wrote that. [...] > Hmm. Who's responsible if a DD uploads malware? Unless there is extreme collusion or negligence, I would expect the DD to be held responsible, as there are clear project policies against it and oversight by the project that might detect it. Regards, -- MJ Ray - see/vidu http://mjr.towers.org.uk/email.html Webmaster/web developer, statistician, sysadmin, online shop maker, developer of koha, debian, gobo, gnustep, various mail and web s/w. Workers co-op @ Weston-super-Mare, Somerset http://www.ttllp.co.uk/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
