[newmaint-site] contributors.debian.org milestones

Laura Arjona larjona99 at gmail.com
Fri Nov 1 00:33:41 UTC 2013


Enrico Zini enrico at enricozini.org
Mon Oct 28 20:48:38 UTC 2013
________________________________

[...}
> Milestone 1: proof of concept
[...]
>  - We document how to build data mining scripts.

I think I can try to do this. However, I cannot download the sample
script (git.debian.org:~enrico/get-webteam-contributors)
I have tried from my laptop:

git clone git.debian.org:~enrico/get-webteam-contributors

And I get: Permission denied (publickey).

I have logged in by ssh into my larjona-guest account in alioth, and
tried from there, but again permission denied.
I have tried to browse the repo in Iceweasel but I cannot find it in
http://anonscm.debian.org/gitweb/

>  - We call for teams to start experimenting with sending data to the
>    site.

I have a guest account in alioth, and can checkout the webwml
repository (www.debian.org) and the publicity repository. If that is
enough (about permissions) for being able to send the data, I can do
some test in behalf of those teams.

Regards
Laura Arjona
https://wiki.debian.org/LauraArjona


Milestone 2: moar data sources
(possibly taking advantage of the minidebconf in Cambridge)

 - We lobby teams for setting up data mining scripts and posting data to
   the site. We can help them set these up, but they should ultimately
   be the responsibility of the teams themselves.

Milestone 3: moar identifiers

 - Get more kinds of identifiers into the mix: emails, gpg fingerprints,
   wiki names.

   This needs figuring out both privacy requirements and integrity
   requirements: we need to avoid to open trolling avenues, like sending
   one silly bugreport a week as debiansux at ownyouftw.troll to get into
   the list. Identifiers should be somehow tied to reputation that is
   built up with constructive work: if one wants to have
   debiansux at ownyouftw.troll end up in the list, they need to earn it
   honestly.

   Two possible ideas:

    - one needs to have a gpg key with a trust path leading to the
      strongly connected set;
    - the initial opt-in is initiated with a mail from the Debian
      Welcome Team, and they might decide to wait a bit and see when
      they notice a suspicious identifier.

   But really, different identifiers may have different requrements,
   we'll see it when we get there. As data flows in from new data
   sources, we should start getting some idea.

   For example, emails in debian/changelog, since a DD signs for its
   integrity, can be trusted differently than emails from the BTS, where
   anyone can post.

 - Identity management needs to be implemented, and this probably means
   waiting until after the single signon sprint meeting that should
   happen in January. Too much information is missing now to make good
   tradeoffs.


Ciao,

Enrico

-- 
GPG key: 4096R/E7AD5568 2009-05-08 Enrico Zini <enrico at enricozini.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/newmaint-site/attachments/20131028/999f81a8/attachment.sig>



More information about the newmaint-site mailing list