always assume good faith

[Antonio Terceiro]

On Sat, Jun 21, 2014 at 02:31:40PM -0300, Bráulio Bhavamitra wrote:
> That is the point Aurium and Terceiro: the review process proposed for
> Noosfero is completely new if you look at other free softwares.

Not it is not.

> Let me explain: *the reviewers, almost everytime in free software, are also
> commiters*.

In every project who does code review in public, there is *nothing*
stopping anyone who is not a committed to give input on a given patch.
The fact is most of the time, only commiters review because only
committers care enough.

> Also *they have the responsibility for that code to work for
> the final users*.

No they have not¹. Everyone who cares about Noosfero should feel
responsible for keeping it in a working state. Of course, the committers
have a special responsibility as gatekeepers for the code base, but
ultimately, if *you* take Noosfero and install on *your* server, *you*
are responsible for it working for them.

¹ Read section 15. of the Affero GPLv3 (COPYING in Noosfero sources)

The whole point of doing everything in the open is to make it possible
for *anyone* to chime in and review new code before it turns into a
problem for someone. Anyone, independent of being a commiter or not, can
say:

- "this breaks when the system is configured for X"
- "there is a better/simpler way of doing this"
- "what happens if X?"
- "you missed there case where the input is X"

or even

- "this works just fine for me, thanks"

As a committer, having this type of input from previous reviewers makes
*a lot* of difference for me. If there is a previous review saying the
code is OK, I won't be as rigorous as I would be if I was the first, and
my review will much probably be a lot faster. If there is more than one
review from people I trust, with everyone saying "yep, it works for me",
I might merge the change without even looking much at it.

> *It really doesn't make sense to review a code if you have no real
> responsibility that it works on your application*. That's why, Terceiro,
> the Noosfero's centralization today IS very big.

I think there is a serious misconception here. You are *already*
responsible for your own sites. You can either review the code and make
sure it works for you before it gets to the Noosfero master branch, or
you can wait for the release and *hope* nothing breaks for you.

If new code breaks for you, of course you can always come here and
complain after the release, despite the fact that you could have tested
it before it was even merged, or you could have tested it after the code
was merged but before it made into a release, or you could have tested
during release candidates testing period, but didn't.

That is completely *your problem*.

From this point of view, reviewing incoming code is *good for you*,
even before also being good for the community.

> That is why I insist on a descentralization of the process, where multiple
> organizations assume responsability, costs and priorization of software
> development.

This can already be done now. Review is 99% of the cost, and merge is
1%.

> *Many developers passed through Noosfero without assuming
> responsability*, and that is mainly because of the centralized model
> Noosfero uses.

Not assuming responsibility just because you cannot commit directly is a
serious misconception. If you wrote some code, you *will* be blamed if
it is a problem with it, regardless of you being a commiter or not.

When I merge some code, I am *not* taking full responsibility for it
besides asserting that it makes sense *to me*, and it works *for me*.
The people who wrote, and therefore who care about it, are still
expected to be responsible for it. Of course, those people might just
disapear (that happens every day in any project), and then that code
becomes a problem for *everyone* who uses Noosfero, not just for
committers.

> We at EITA have a proposal about that we are yet to publish to the
> community.

Sure, let's look at it. I have thought myself sometimes about just
opening the gates and letting everyone just commit the hell out of the
repository, but I am still not convinced that it will be any better than
the current status.

But maybe, no amount of discussion will convince you that you could be
already doing 99% of the work instead of insisting that you need
permission to do the remaining 1% before you will be willing to do the
first 99%.

In principle, I find it difficult to trust someone who never did a code
review in public to have unrestricted commit access to the Noosfero
repository. I have no evidence that such someone is capable of detecting
basic code problems that I usually find in a relatively large share of
the patches that I review.

> About forks, we at EITA can't think of it as a solution.

Note that in practice Cirandas is *already* a fork. It is one that is
always working towards reducing the delta with regards to Noosfero, so
it is a friendly fork that works together with the community.

Not all forks are Evil™.

-- 
Antonio Terceiro <terceiro at colivre.coop.br>
Colivre - Cooperativa de Tecnologias Livres
http://www.colivre.coop.br/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://listas.softwarelivre.org/pipermail/noosfero-dev/attachments/20140623/247fb97e/attachment.pgp>