fas username: @fab package: security-lab issues to fix: https://pagure.io/fedora-pgm/schedule/issue/30 comaintainer: @jsimon I am interested in comaintaining the package: yes additional notes:
The Maintainer of the Security Lab has failed to respond to the Requirement that Spins/Labs confirm they want it to continue. https://pagure.io/fedora-pgm/schedule/issue/30
I asked Ben Cotton what the process was, and he said that there isn't a Spin-specific process, so to just go through the normal non-responsive maintainer process. Per Neal Gompa, its a Fesco ticket. So here I am with such a ticket
I checked Fab's activity, and he hasn't done anything with Fedora since April, and I know Fab is active in other projects (according to his github profile activity), so I'm assuming he's moved on. The other comaintainer has had no activity with Fedora within the past year. It seems to me, although I may be incorrect about this, that both of the maintainers are inactive, as the last commit to the repo was 2 years ago and there are open issues that are 3 years old and a PRs that's 4 years old in the Lab Pagure repo. IMHO, these should have been addressed within the last 3/4 years even if they were simply to deny the request and close them.
In order to maintain the Lab, I'd need to be given access/admin to the Pagure Repo for the Security Lab: https://pagure.io/security-lab
I don't want the Lab to stop, since I use it myself for work.
Please, follow the nonresponsive package maintainer policy: https://docs.fedoraproject.org/en-US/fesco/Policy_for_nonresponsive_package_maintainers/
Specifically, open a bugzilla (week 0, step 2) and email to devel (week 0, step 3), open this ticket after a week (week 1, step 1).
Metadata Update from @churchyard: - Issue close_status updated to: Invalid - Issue status updated to: Closed (was: Open)
@churchyard I'm happy to follow whatever policy there is, however there's a technical problem in doing so. I cannot fill out the bugzilla ticket form because there is no acceptable value for the forms for nonresponsive package maintainer, nonresponsive container maintainer, or nonresponsive module maintainer. Those require me to select a module, package, or container from the predetermined list. As the Security Lab does not fall into any of those categories, I cant proceed with the form. I've tried to manually enter values into the field but they aren't accepted and I cant submit the form without everything filled out. I looked to try to file a generic Bugzilla ticket instead, but I could not find a free form that would allow me to manually set the fields myself. How should I proceed? Thanks!
You could file a non-responsive maintainer ticket against one of Fabian's packages.
Update, I reached out to Ben Cotton in the PgM channel, and he said to file it against the Distribution component, so I'm going to proceed that way.
Using the distribution component works, but be sure to assign @fab as the bugzilla assignee.
why not asking Fabian or me directly? we respond to e-mails
It was my understanding that when using the @ symbol with someone's username, the person is contacted through a Pagure email. That went unanswered by Fabian for 2 weeks in the original PgM ticket. I assumed, perhaps wrongly, that an email from pagure would get more attention than an email from some random person you've never heard of before. I figured going through the project process would probably get more attention than an unknown email from me.
My only concern is that the Lab continues, I don't care who maintains it. If you guys still want to, awesome. I just wanted to make sure it didn't get removed from the F35 build list due to the FESCo requirement not being met.
As long as it keeps being built, I'm happy. :)
Am 07.08.21 um 05:24 schrieb JT Pennington:
https://pagure.io/security-lab is not relevant to build the Fedora Security Lab itself as the relevant packages or kickstart are not maintained here - it just holds some documentation, some source files for the menu rpm etc.
also i saw no join request from you ... might have missed it
the relevant kickstart can be found here https://pagure.io/fedora-kickstarts/blob/f34/f/fedora-live-security.ks i am sure Fabian can enlight you even more
-- Joerg (kital) Simon simon@simline.de https://about.me/joerg.simon Key Fingerprint: 3691 0989 2DCA 58A2 8D1F 2CAC C823 558E 5B5B 5688
Call trans opt: received. 2-19-98 13:24:18 REC:Loc
Trace program: running wake up, Neo... the matrix has you follow the white rabbit. knock, knock, Neo. (`. ,-, ` `. ,;' / `. ,'/ .' `. X /.' .-;--''--.._` ` ( .' / ` , ` ' Q ' , , `._ \ ,.| ' `-.;_' : . ` ; ` ` --,.._; ' ` , ) .' `._ , ' /_ ; ,''-,;' ``- ``-..__``--`
why not asking Fabian or me directly? we respond to e-mails It was my understanding that when using the @ symbol with someone's username, the person is contacted through a Pagure email. That went unanswered by Fabian for 2 weeks in the original PgM ticket. I assumed, perhaps wrongly, that an email from pagure would get more attention than an email from some random person you've never heard of before. I figured going through the project process would probably get more attention than an unknown email from me. My only concern is that the Lab continues, I don't care who maintains it. If you guys still want to, awesome. I just wanted to make sure it didn't get removed from the F35 build list due to the FESCo requirement not being met. As long as it keeps being built, I'm happy. :)
definitely it will be built further on - but of course we welcome fresh input
I checked Fab's activity, and he hasn't done anything with Fedora since April, and I know Fab is active in other projects (according to his github profile activity), so I'm assuming he's moved on.
I haven't move on but I'm exploring other approaches to ship a security tool set.
It seems to me, although I may be incorrect about this, that both of the maintainers are inactive, as the last commit to the repo was 2 years ago and there are open issues that are 3 years old and a PRs that's 4 years old in the Lab Pagure repo. IMHO, these should have been addressed within the last 3/4 years even if they were simply to deny the request and close them.
Well, the tool set didn't change much over the last couple of years. Thus, no need to adjust the tool listing. It's likely that there was no commit for two years.
Access to https://pagure.io/security-lab is not needed, it's a helper repo (e.g., to generate the comps sections and alike) and is not used to build the lab as fedora-kickstarts/comps contains the source for the Security lab.
Login to comment on this ticket.