On Wed, 01 May 2024, Maciej Barć wrote:

Also no license link. Afaik all contribs are under GPL-2.

That's not entirely correct. The files in the licenses/ directory
aren't, and patches in packages' files/ dirs generally follow the
license of their upstream project.

Ulrich

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQFDBAEBCAAtFiEEtDnZ1O9xIP68rzDbUYgzUIhBXi4FAmYyWS4PHHVsbUBnZW50 b28ub3JnAAoJEFGIM1CIQV4uanMH/1+VXqRDsXF/b/OrStSCGuCPapzihYzm4tZL Vdx8a7tA4R+r4zrj6/iWvoqrgUb2sZ4Ij9W8+88xCZfKFPsI6UrFdeJ4saCzi6jU GAyEYTMPbhrrfaO1bku8suYvzvWbgZ8sFp/+2pF8QMmCnA+nJ51slilfIIZ+J4ty D3tPlJ7HtcsZYLRsys1q4bLTVbu0EERA6oq3FpYlzeKnih4c3ZYeqYqDuWQ3s1Vl D1tSS455ggI4ExTaiPwG07ShM3hmoyvyK3b6fdTVRDqU2bAAIfJ3m4QC3mPb32Kg gWFTpk6EWlhTjhl6ME8o7v1rk2fbjXV4Q8UwhoGeSEGoWjUZz9g=wLei
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, May 01, 2024 at 03:32:21PM +0200, Michał Górny wrote:

The idea is to increase awareness of the AI policy, as well as other
rules, and to inform users before they submit a PR.

Bit mixed feelings about this given checkboxes feel like unnecessary
churn for routine contributors and is semi-redundant with the
Signed-off-by.

I think it's great for first-time/occasional contributors though.

Having a AI-specific checkbox does feel kind of overkill when it won't
concern the majority of contributors, albeit given how how hard the whole
thing is pushed lately and that we have no real way to verify beside the
user being made aware of it and certifying it...

On a side-note, I have nothing against having .github in the tree. Just
saying given I know not everyone is happy with that.
--
ionen

-----BEGIN PGP SIGNATURE-----

iQEzBAABCAAdFiEEx3SLh1HBoPy/yLVYskQGsLCsQzQFAmYyUZUACgkQskQGsLCs QzR2Owf/c65ZpMXvKVbEfuo6lxqZ0fHWovYd/80ZsTkdrSKHSunK5SwIKk8aDKV3 /GHfJLWWtty1eiXk9m3iEdi81BVVsX8nSttqhDabU9yfHRktSXcgvbl/HYvQRFag jG+1ffVDF/ovSOwCBdWXnEMzyCCZMVxcM8R/A1QKdo2wsmELOSeMnxQeTKDZR54Y lUz6afZKsmeyzO65t7lFQFG3SaSywu8qXm6SSKDL8JQ7zfeD+rxqeOeo84e1Xwbk ORHVo0/oEdweR2sdagdCRjM1NywlvEmHLQ7vgnSKUK1OO5oUbeVSX2TjjLFqZxu3 7f5lR3CNHRDAJyMgNINiJSH3uiygDQ==
=O+vG
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 2024-05-01 at 16:27 +0200, Maciej Barć wrote:

Maybe we could consider also adding something along the lines (4
additional positions):

1. I have emerged the package(s) on a Gentoo-based system (be it
"native" or virtualized by means of hardware-based virtualization or
system layer virtualization).
2. I have tested that the package(s) merge inside both the user and net sandbox without violations on a Gentoo-based system.
3. I can assure that the packages would be able to be merged on the currently default Gentoo profile (with or without modifications to USE flags).
4. If manual intervention (beyond "emerge PKG") is required ro complete
the install/update of the package(s) I have explained the steps needed
to be taken in the PR and/or package ebuild(s) and/or Gentoo Wiki.

Asking people to check 8 checkboxes is a bit much.

--
Best regards,
Michał Górny


-----BEGIN PGP SIGNATURE-----

iQFGBAABCgAwFiEEx2qEUJQJjSjMiybFY5ra4jKeJA4FAmYyWMkSHG1nb3JueUBn ZW50b28ub3JnAAoJEGOa2uIyniQOLRcH/iTe73GOqG2etKinmo7BrI89D8rWzlho NEII/B5xkw1ail+Do/PZk8iW0wEl4k4nG52XmX1o5aeTCNLTL0Wko1++ZZTYRi64 3BjHgSHa4tybM4YRVYx2e7eKYoU4geOi8W7fzJ79EGvt6eDmDdHsr1CdnR4PR6dM K83v9a3YobEqQds8f6hc2atLAFPkdS567K7TQcZlV34mrSkA2iOlwCXQ8W8vNJ7c I6c4MB4kmIoroNh2sQMYJ9q9zugZXWkx+Jzr3Im89y/QWqTWoaF1niuAxL1V/sWq +2MUsfnUP0TBsFNW91fgphgAoUpeSH3gZSGNoHo2AP1HwmUM3cTS1/c=
=Nhw1
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 2024-05-01 at 10:28 -0400, Ionen Wolkens wrote:

On Wed, May 01, 2024 at 03:32:21PM +0200, Michał Górny wrote:

The idea is to increase awareness of the AI policy, as well as other
rules, and to inform users before they submit a PR.

Bit mixed feelings about this given checkboxes feel like unnecessary
churn for routine contributors and is semi-redundant with the
Signed-off-by.

I think it's great for first-time/occasional contributors though.

Yeah, that's why I tried to keep it relatively short. We don't want
people clicking too much every single time.

Having a AI-specific checkbox does feel kind of overkill when it won't concern the majority of contributors, albeit given how how hard the whole thing is pushed lately and that we have no real way to verify beside the
user being made aware of it and certifying it...

It's mostly a way of advertising the change.

--
Best regards,
Michał Górny


-----BEGIN PGP SIGNATURE-----

iQFGBAABCgAwFiEEx2qEUJQJjSjMiybFY5ra4jKeJA4FAmYyWPwSHG1nb3JueUBn ZW50b28ub3JnAAoJEGOa2uIyniQOnVAH/j+HFFLXQZAMBXNyhM/BKx8uv+LgVHX9 PzXjgSoL44d481mK/GTb7u8E0RhCPXFDrHFktncrv2TEB0CG1289eSnxUy2yiWdk 6ARrWmtCKMrGXyiUoFHTOPiOzsN23GoAyWd+SVPrRYKtlFA3vxOjFhtBh5Z8tjSl X+IAaStnX4el3yiw8GGVRjtGJQs/Ehv4AyNjRFT5erLoPvxacixkRgI0aOYJyJPP Jc5sijej2qzbfz4wKB0k2xMjfLmAEdSNBY2QnyIGhEWv3TVRUqllgNKFJQTY9hGV 49k/GYVkkH6qQGYzAe2rG9hv2r4zhUHqMrZlLq+PXGifKmu4B2f+dV8=
=vRNv
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Wed, 01 May 2024, Maciej Barć wrote:

Also no license link. Afaik all contribs are under GPL-2.

That's not entirely correct. The files in the licenses/ directory
aren't, and patches in packages' files/ dirs generally follow the
license of their upstream project.

See, so it would help to have a doc that talks about the
irregularities.

I agree, but such documentation doesn't belong in an ebuild repository,
but should be in a dedicated location like the Devmanual or the wiki.

Ulrich

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Ionen Wolkens <ionen@gentoo.org> writes:

On Wed, May 01, 2024 at 03:32:21PM +0200, Michał Górny wrote:

The idea is to increase awareness of the AI policy, as well as other
rules, and to inform users before they submit a PR.

Bit mixed feelings about this given checkboxes feel like unnecessary
churn for routine contributors and is semi-redundant with the
Signed-off-by.

I think it's great for first-time/occasional contributors though.

Having a AI-specific checkbox does feel kind of overkill when it won't concern the majority of contributors, albeit given how how hard the whole thing is pushed lately and that we have no real way to verify beside the
user being made aware of it and certifying it...

On a side-note, I have nothing against having .github in the tree. Just saying given I know not everyone is happy with that.

Indeed, the only line for me is if we were solely relying on it, e.g. if
we replaced all self-hosted CI with github actions CI or similar. I
don't see supplementary files for services we make use of, but don't
depend on, as a problem, as long as they're not some minor experiment.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Michał Górny <mgorny@gentoo.org> writes:

Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
.github/pull_request_template.md | 12 ++++++++++++
1 file changed, 12 insertions(+)
create mode 100644 .github/pull_request_template.md

The idea is to increase awareness of the AI policy, as well as other
rules, and to inform users before they submit a PR.

Screenshots @ https://github.com/gentoo/gentoo/pull/36503

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
new file mode 100644
index 000000000000..9e6fe061db11
--- /dev/null
+++ b/.github/pull_request_template.md
@@ -0,0 +1,12 @@
+<!-- Please put the pull request description above -->
+
+---
+
+Please check all the boxes that apply:
+
+- [ ] I can submit this contribution in agreement with the [Copyright Policy](https://www.gentoo.org/glep/glep-0076.html#certificate-of-origin).
+- [ ] This contribution has not been created with the assistance of
Natural Language Processing artificial intelligence tools, in
accordance with [AI policy](https://wiki.gentoo.org/wiki/Project:Council/AI_policy).
+- [ ] I have certified the above via adding a `Signed-off-by` line to *every* commit in the pull request.
+- [ ] I have run `pkgcheck scan --commits --net` to check for issues with my commits.
+
+Please note that all boxes must be checked for the pull request to be merged.

I'm OK with the proposal as-is, but would be interested in hearing
suggestions to alleviate ulm's concern of developers feeling they must
tick every single box as well. But that might not be doable.

xgqt's comments wrt testing are interesting but maybe better with us
linking to a checklist instead, rather than something users have to
declare in the github PR. Not sure.

Anyway, thanks for this, I've wanted this for a while anyway as it's
more elegant than the Larry bot method. Glad you came around ;)

thanks,
sam

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)