From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id LNAeJANFjGDNVgEAgWs5BA (envelope-from ) for ; Fri, 30 Apr 2021 19:57:23 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id 6pTRHgNFjGAYSgAA1q6Kng (envelope-from ) for ; Fri, 30 Apr 2021 17:57:23 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 11EF323215 for ; Fri, 30 Apr 2021 19:57:23 +0200 (CEST) Received: from localhost ([::1]:37766 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lcXOE-0003NL-2f for larch@yhetil.org; Fri, 30 Apr 2021 13:57:22 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:45620) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lcX8A-0003Cu-SA for guix-devel@gnu.org; Fri, 30 Apr 2021 13:40:47 -0400 Received: from relay7-d.mail.gandi.net ([217.70.183.200]:57307) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lcX87-0000VB-DR; Fri, 30 Apr 2021 13:40:45 -0400 X-Originating-IP: 92.169.147.163 Received: from mimimi (lfbn-idf2-1-1335-163.w92-169.abo.wanadoo.fr [92.169.147.163]) (Authenticated sender: mail@ambrevar.xyz) by relay7-d.mail.gandi.net (Postfix) with ESMTPSA id 6B78A20006; Fri, 30 Apr 2021 17:40:37 +0000 (UTC) From: Pierre Neidhardt To: Pjotr Prins Subject: Re: A "cosmetic changes" commit that removes security fixes In-Reply-To: <20210429141423.qtji4lsuaox7wfdk@thebird.nl> References: <5cbbfa9b258fb28beb9288685ccc85b4d015cd8a.camel@zaclys.net> <8735vgkttf.fsf@netris.org> <475c152f2e4bf0b566324223f2f5e3598279b87f.camel@zaclys.net> <87eeext6h4.fsf@nckx> <87lf92h0ei.fsf@gnu.org> <878s518ghz.fsf@systemreboot.net> <87zgxhl0os.fsf@ambrevar.xyz> <20210429141423.qtji4lsuaox7wfdk@thebird.nl> Date: Fri, 30 Apr 2021 19:40:36 +0200 Message-ID: <87fsz7isbv.fsf@ambrevar.xyz> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" Received-SPF: pass client-ip=217.70.183.200; envelope-from=mail@ambrevar.xyz; helo=relay7-d.mail.gandi.net X-Spam_score_int: 0 X-Spam_score: -0.1 X-Spam_bar: / X-Spam_report: (-0.1 / 5.0 requ) BAYES_00=-1.9, FROM_SUSPICIOUS_NTLD=0.499, PDS_OTHER_BAD_TLD=1.999, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=no autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: guix-devel@gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1619805443; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post; bh=o+KEdlZ8bpJTVhyj2yhOAwwWjisx65VRJaYn1WCfvMc=; b=SOjSGV3eN3a6CTuuaO5Pilr9LDrVr7FtjHxBj9a8WchZvWPev4mWN3LAz9VvOr1WV9qICu IsRegMJyWZkn0Cq1Wwv8e4yUzqwTi3As07hj/RjJaDMI7o7CtveMGiDzdDQlI8gYbTMkVf sX4JAXfhhXJ5+Wh85FoGfRJBcXRuCy1hMergFLLe88OPRkdSN7pDfmZKRFWnwBxa+zJbpt jlvlhUPuu8bQc8j9zoBCG0YrMWvHfkr/pHDng01e/i//SpJd1/92SDuQbUyyWdAsawVe/u 6qZmVIuLatgf5gWFMrd7aYRKME5VzYYwAmwSqhgj40fyi5FHss9ZfNnvO+uEPg== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1619805443; a=rsa-sha256; cv=none; b=Mgv/hnRNAkXnUmAm5AOJ+yklnyxr9Mf6uD/iJRXBT1DYmsDqcLAfI3rUpDMixu46ql8ikT WF9qNGQKQReCN3/li0OYLNXXgPmlY69B7ESLScxh9fSQ2N815YpropZvPP70EDW/Fe85x5 PUa50KT+Ghis8VTyglUWXjEyggq+lGsXObTuygDxRraxbIC/qF03+05+84Hdbp3GhA7Gq+ cvtAju5vV1Ur6HBKTv9MuAGHlcO5Gbwuo3khCdDQakciK90iNFZfsZtJQuinU0TVING8Cz joZ6tP4nQ8CqZGnaAkXu1RU+NQru4xvvNhfSZu+2mnG4hTPRIke3bPrb018/2w== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Spam-Score: -4.56 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Queue-Id: 11EF323215 X-Spam-Score: -4.56 X-Migadu-Scanner: scn0.migadu.com X-TUID: Dyy1JtJXk3iz --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi Pjotr, I haven't really followed the issue, so I couldn't say whether the decision taken by the core maintainers was right or not. However, I find that your message is insightful in that it raises a few questions on _how_ this decision was taken. > I am not a core maintainer, but it should be obvious that core > maintainers would not take a decision to revoke commit rights lightly. I trust that it is the case, but being the devil's advocate, I could argue that from reading this thread does not make it obvious. Maybe the decision process should be made more transparent? Reading between the lines, I feel that some discussion happened behind closed curtains between some maintainers. Correct me if I'm wrong. I don't know if this is ideal in such circumstances, but if it is, then it is probably a good idea to mention it. Another question one could ask: why just the core maintainers actually? Shouldn't everyone be involved? Maybe the right answer is "no" here, and if so, I believe we should explain why in the community guidelines. Lest the community present an image where a few would benefit from arbitrary privileges. It'd be nice to explicit these and the reason behind the various roles found among the members of the community. Last, maybe a more important question: if core maintainers are entrusted to take executive decisions about the community members, what about executive decisions about the core maintainers themselves? Are there such provisions? Example: what if a core maintainers misbehaves? Can they see there privileges revoked? How? Is this documented? > Marius representing the core maintainers clearly wrote: This is the > next in a series of incidents. Considering this is the main cause for the decision, I believe it's important to detail it with references. "a series of incidents" is too vague and in isolation, it does not seem to justify the decision very well. It seems necessary to me to recap the whole series of points that led to the decision. So maybe there are some issues we could address with regard to the structural organization of the Guix community, which could help making it increasingly more welcoming, peaceful and strong. Food for thoughts!=C2=A0:) =2D-=20 Pierre Neidhardt https://ambrevar.xyz/ --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQFGBAEBCAAwFiEEUPM+LlsMPZAEJKvom9z0l6S7zH8FAmCMQRQSHG1haWxAYW1i cmV2YXIueHl6AAoJEJvc9Jeku8x/jQYH/iC+skhsI9nLICukwasEvTFu9bo/rg6t s7OaGmur4hRfHGBmf8jErhIHc0GCyZZn8+eocZThpc7IMZlN4NuI9CzGS3F37hfx bFtsaxkwESUYG9BYAH0VjXPEUh7xPl1QOB9E8zS73zBDpg5rkt0yKZsOgJ6A/eHd 0EvOHiLS02G7oJpkG95dxal/3GbUi2zerpUhoqvOwbb3SQNCz/UiRgUknC+51u/j K8MpiIgBEqwyRuMGMogxuNPJQ2dQ+2EI0WPaVVBDVN+U2Yuj6YU1RR3FRZpEt3k0 CHj3HzVgvxgorzTnpiIDfJo0zzovXURw0FUGDZO5r2PwWYyBRi5vfXk= =ZuO4 -----END PGP SIGNATURE----- --=-=-=--