[Haskell-cafe] Unmaintained packages and hackage upload rights

Erik Hesselink hesselink at gmail.com
Fri Jan 31 09:04:33 UTC 2014

On Fri, Jan 31, 2014 at 3:15 AM, Roman Cheplyaka <roma at ro-che.info> wrote:
> * Erik de Castro Lopo <mle+hs at mega-nerd.com> [2014-01-31 09:22:36+1100]
>> I really can understand why you did this; I am frustrated by some of
>> the same issues. However, I think if any significant number of people
>> did this, the results could easily be disasterous.
> Agreed. Maybe we need those disasterous results to realize that the
> current process is bad and come up with a better one. Or maybe it's just
> me, and everyone else is happy (enough) with the process, so nothing
> will happen.

That's a rather fatalist attitude, and also one that is not warranted
given the replies in this thread. Let me try to be more constructive

I propose to make the trustees group able to upload any package, with
the understanding that they only do so to make packages where the
maintainer is unreachable compile on more compilers or with more
versions of dependencies. The newly uploaded version should have a
public repository of the forked source available and listed in the
cabal file. The process would then be:

* User fixes a package, emails the maintainer.
* No response: User emails trustees.
* Trustees check the above conditions, and upload the new version.

This is more lightweight that the process to take over maintainership,
and it can be, because we're not trusting a random user with a random
package. Instead, we're only trusting a fixed set of maintainers and a
small, publicly visible change. Because of this, the waiting times for
non-responsiveness can probably also be shorter than in the maintainer
take-over process.

Would this alleviate the frustration, while at the same time
maintaining enough security and sense of package ownership?



More information about the Haskell-Cafe mailing list