[SailfishDevel] FOSDEM Community follow-up - open source app community

David Greaves david at dgreaves.com
Wed Feb 5 15:00:54 UTC 2014


On 04/02/14 07:40, "Thomas B. Rücker" wrote:
> My question has been lingering for a while. (
> https://together.jolla.com/question/13605/visible-open-source-app-community-supported-by-jolla/
> )
> 
> But during FOSDEM we had a Sailfish/Jolla Community Round-Table (
> https://together.jolla.com/question/11303/are-you-going-to-fosdem-2014-irl-floss-meeting-in-belgium/?answer=13864#post-id-13864
> ). This topic was brought up and seems Sailors are committed to address
> this with pushing forward towards a clean open source app repository
> with community QA and easy on-device access after enabling developer mode.

That's my personal goal, yes.

For those who don't know, I run the infra and OBS for Mer - I used to run the
community OBS and other infra for MeeGo too. I am a sailor - but today I'm
mailing as a community guy.

I setup Chum as a place to build Jolla apps on an OBS. It just works. There is
no fancy storefront or BOSS integration. We need that.

I'd like to see some public docs on the Chum rules and governance so that we can
reasonably expect Jolla to trust us to do a professional job. I know that they
worry about reputation and customer experience. So do I.

I don't think we need full automation of the checks yet - but I do think we can
clearly state the boundaries: open source only; auditability; community QA...

I'd like to see what our target is from a user perspective ... eg how do we make
sure users can upgrade their devices. It's a technically difficult problem. We
may well need to ask Jolla for hooks into SailfishOS ... but luckily we may also
be able to write those hooks in Mer/Nemo and have Jolla just get them.

I also recall that community QA was not terribly effective - I think this needs
adressing.

I used "Chum" as the repo title (it's the bloody fish guts you use to attract
sharks!) - I'm not sure it's a good name but there are plenty of attacks :)

> This would provide something like Maemo Extras and would be community
> QA'd to ensure the apps don't pose major problems when installed. On the
> other hand it would provide an easy middle ground for apps that don't
> fit into harbour for various reasons (API calls, dependencies, etc.).

Yes - I'd like to explore how we can add one or more library areas to devices
for sets of shared libraries. Eg I use bullet physics engine in my 3D Dice game
- I don't want to have to ship it. But how do we cope when bullet v3 comes out?

> It will be backed by an OBS project on Mer community OBS, which has
> Sailfish targets. OBS has come a very long way since we've seen it
> first. I've personally had several apps build out of the box by just
> _clicking_:
> * create package
> * source provision through tar_git
> If the app builds on a clean SDK, then it's highly likely to build out
> of the box also on OBS.

Good. We need more docs though.

> You may now say "what about openrepos?". They have chosen to be a site
> for one-click RPM hosting repositories with no QA. Despite their best
> efforts this approach has led to significant problems. Also it does
> binary only uploads and thus non-free/closed applications and no
> traceable chain from source to binary.
> That said, if the openrepos client (warehouse) passes community QA it
> will for sure be included in the community repository. Thus allowing
> users to install it easily, if they so wish. We're not hostile towards
> it, it just doesn't offer the level of trust to be a viable avenue for a
> default community repository.

I don't mind openrepos - there are plenty of places where users can go on the
internet that expose them to greater or lesser degrees of risk. It's their
choice. I would choose to be more restrictive than openrepos on what's allowed
into the community store. I also think we have a slighly different focus -
openrepos is literally a free-for-all. I hope Chum (or whatever) will have more
of a "reliable quality for the user" goal.

If/when warehouse gets onto community store I would like to be clear about what
it provides as there would be a sense of it meeting the users expectation of
quality/safety.

> This is a PERSONAL summary of MY recollection of the FOSDEM discussion
> on this topic. I hope that Jolla will now finally back this up and we
> will see Sailors working towards this.

Still community hat! I am of the opinion that Jolla do a lot for the community
simply in how they operate. I think much of this is our job. We need to clearly
ask for things and justify why they should be granted.

Eg I think we should ask for a similar role as maemo extras - but we need to
justify why we can be trusted to essentially grant root privileges to any app
developer on any users jolla device.

As for sailors working on this - I think we may like Jolla to grant them some
company time to respond to these feature requests - but mainly how much time
they spend on community things is down to them. Some sailors love openrepos
approach; some love Mer OBS/Chum approach :)

> For those who already want to get started, there is a SailfishOS target
> on OBS and a community repository called "Chum" where applications will
> be visible in the future.
> https://build.merproject.org/project/subprojects?project=sailfishos

Yep - I'll add 1.0.3.8 today too.

David

-- 
"Don't worry, you'll be fine; I saw it work in a cartoon once..."



More information about the Devel mailing list