[Pkg-zope-developers] Re: Zope 2.7 and Plone 2 status

Andreas Tille tillea@rki.de
Fri, 3 Sep 2004 08:15:23 +0200 (CEST) 

On Thu, 2 Sep 2004, Damien Genet wrote:

>> For the CMF issue there are certain technical reasons if I'm not completely wrong
>> which seem to make it a sane decision not to upgrade to a new version before Sarge
>> releases because it would destabilize a certain amount of stuff.  Alternatively
>> we would need a hand full of full time Debian-Zope packagers.  Anyone willing to
>> pay for those people?
>
> Unfortunately cmf and plone are also the most known and visible Zope
> products.
> At least from the reverse dependencies only a few packages depends on
> them, so I'm not sure I see what they could destabilize.
>
> Of course as sarge is supposed to be released this month, I agree that
> updating them is too late now. Wich also means that considering the
> frenquency at wich Debian releases new versions, the plone and cmf
> versions shipped in Debian stable will quickly become obsolete and not
> really usefull.
Well, this is true for several other software packages in Debian and there is
continuos discussion in Debian how we could enhance this situation.  This is
not really Zope specific but there was no solution until now.

>> Well this package is mainly unmaintained.  Some weeks ago I was thinking about
>> a NMU of this package but I was not really convinced we really need YAW (Yet Another
>> Wiki).  Feel free to file a request for removal to ftpmaster if you are very
>> bored by this outdatedness.
>
> What do you mean by Yet Another Wiki ?
Well, I mean

     $ apt-cache search wiki | grep -i wiki | wc -l
     18

with some false positives.  So I think we do not really depend on a Wiki just
because it is implemented in Zope.  If there is nobody really interested in the
maintainance of this package we should probably drop it.

> But I'm certainly not suggesting to remove it either :).
But why not dropping a package which nobody is actively maintaining.  As you
said most users just will take the upstream version and thus a package does
really make no sense.

> Btw, latest version doesn't work with zope 2.6 without a patch, as do
> more and more products...
So it should get a RC bug assigned which would at least keep it out of Sarge -
or wakes up the maintainer.

> Well, even minor version could means than the latest debian package was
> year(s) behind upstream. This gave me the rather bad feeling that zope
> debian packages were not really maintained anymore.
I think that your feeling that Debian packages of a considerable amount of
Zope products is not as good as it should be is correct.

>> If you think my point of view is wrong I will orphan these packages but I doubt
>> that this would lead to more frequent updates and thus would not really change
>> the situation you are critizising.  To make it clear: I just understand your
>> point of view that the situation should be enhanced but I see no way how to
>> do this.  BTW, I really appreciate your work in keeping an eye on this problem
>> which might be a partly solution for the problem mentioned above.
>
> I certainly didn't want to sound harsh nor offensive,
You was perfectly right in your technical analysis and I did not felt
offended.  It was just a technical consideration that there are two options
when facing the situation that packages are not maintained good enough:
Dropping a package which anybody else is interested and could do a better
job or just keeping it because chances are low that somebody will take
it over.

> but I thought that underlining the matter may be of some usefullness.
... and it was useful obviousely.

> For instance we (at
> our - tiny - company) have stopped using prepackaged debian products for
> some time now. Wich is certainly not a problem for us, not even an
> annoyance, but simply this reflect problems wich I would prefer not
> being present in Debian, with all the respect I have to it.
Well, you have four options

    1. Install upstream packages and ignoring Debian packages
    2. Backport latest upstream and build a local repository with the
       latest versions (this should be a benefit in terms of saving time
       if you have more than one box using these products - I do this
       for Zope products I'm using in private because I do not regard them
       as interesting enough for the public).
    3. Send patches to the BTS to help Debian maintainers.
    4. Become a maintainer yourself and ask the former maintainer to
       sponsor your package.

Just choose the option which fits your time frame.  IMHO option 2.-4. would
save time and efforts in maintainance if you have at least a hand full of
machines were these packages are installed.

> As you can see with the high latency I need to respond emails, I'm not
> really able to be helpfull either. Therefore I'm certenly not throwing
> the stone to anyone.
I do not have the feeling of becomming thrown with stones if anybody does
a reasonable critics.  So do not worry if my response sounded harsh.  As
I said your analysis was welcome even if I continue to think that the
*general* situation was not as bad as you said.  It was perfectly all
right for a cartain amount of packages.

> Only if you find it of some help, I can continue to issue bugreports
> from time to time, but unfortunately this is the most I can do atm.
Any help is welcome - just choose one of the options above.

Kind regards

          Andreas.