| *** LaurenceUrhegyi (~laurenceu@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 07:58 | |
| *** sambishop (~sambishop@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 08:35 | |
| *** ctbruce (~bruceunde@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 08:46 | |
| *** toscalix (~toscalix@90.170.203.139) has joined #trustable | 09:09 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 09:22 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 09:34 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 09:36 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 09:46 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 09:48 | |
| *** tiagogomes (~tiagogome@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 09:48 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 09:54 | |
| jmacs | LaurenceUrhegyi: Is there a setting for the mailing list that causes all the 'From' addresses to be c-safe-secure-studygroup@lists.trustable.io instead of the sender's name? | 10:08 |
|---|---|---|
| jmacs | It's a bit difficult to tell who's who in my client | 10:09 |
| LaurenceUrhegyi | jmacs: not that I know of. For me, they appear as 'Laurence Urhegyi via C-safe-secure-studygroup' (for example). I shall have a look though. | 10:12 |
| LaurenceUrhegyi | There's an option to: Hide the sender of a message, replacing it with the list address (Removes From, Sender and Reply-To fields). | 10:22 |
| LaurenceUrhegyi | But it's set as 'No' | 10:22 |
| LaurenceUrhegyi | I assume you don't have this issue with other mailing lists, using the same client? | 10:22 |
| LaurenceUrhegyi | jmacs^ | 10:22 |
| jmacs | No, your messages from trustable-software appear to be from you | 10:23 |
| rjek | That setting is to work around people who can't run a mail server properly. | 10:25 |
| rjek | It surprised me that it is enabled on these lists | 10:25 |
| LaurenceUrhegyi | what setting? | 10:26 |
| *** tiagogomes (~tiagogome@82-70-136-246.dsl.in-addr.zen.co.uk) has quit (Remote host closed the connection) | 10:27 | |
| rjek | Munge the from address | 10:27 |
| jmacs | Munge it from what to what? I don't know in which direction you're arguing. | 10:28 |
| *** sambishop (~sambishop@82-70-136-246.dsl.in-addr.zen.co.uk) has quit (Ping timeout: 240 seconds) | 10:29 | |
| LaurenceUrhegyi | rjek: that setting was recommended to me by dp, since it could be a useful 'hack' for anyone who who outsources their email to Gmail or Outlook | 10:30 |
| LaurenceUrhegyi | jmacs: the setting which I believe rjek is referencing is: Replace the From: header address with the list's posting address to mitigate issues stemming from the original From: domain's DMARC or similar policies. | 10:31 |
| rjek | Unneeded unless somebody has misconfigured their hosted gmail | 10:31 |
| rjek | And just causes confusion | 10:31 |
| rjek | There are a handful of misguided organisations for which it is needed, but I really wouldn't turn it on unless one of them joins on | 10:32 |
| - | andrewleeming_ is now known as leeming | 10:32 |
| jmacs | I really have no idea what you're talking about now, but emails from c-safe-secure all come from c-safe-secure-studygroup@lists.trustable.io, and on every other mailing list I'm on, they come from the sender themselves | 10:33 |
| LaurenceUrhegyi | Confusing indeed. I have turned it off now, as I don't think any 'misguided organisations' are on the list. | 10:33 |
| rjek | And then I'd recommend they fix their email instead | 10:33 |
| LaurenceUrhegyi | jmacs: I'll be posting to the list later, see if there's any difference | 10:33 |
| rjek | jmacs: the problem is some organisations block mail with a from header claiming to be their domain from an ip that is not theirs | 10:34 |
| jmacs | I'm still unclear as to which behaviour you think is correct | 10:35 |
| chrispolin | On my client, they appear as '<sender> via C-safe-secure-studygroup' | 10:36 |
| jmacs | The full From line is From: Martin Sebor via C-safe-secure-studygroup | 10:36 |
| jmacs | <c-safe-secure-studygroup@lists.trustable.io> | 10:36 |
| chrispolin | Ah sorry, yes. Me too. | 10:37 |
| LaurenceUrhegyi | I had it set as 'munge from' on the setting I posted at 10:31 | 10:37 |
| LaurenceUrhegyi | Anyway, hopefully sorted now | 10:37 |
| LaurenceUrhegyi | So, onto something else....I mentioned last week I'd been working on an 'Idiot's Guide' to Trustable - I've now completed the first draft, barring a few sections which I haven't had a chance to do yet (I've also changed it to be called the 'Introductory Guide to Trustable') | 10:38 |
| LaurenceUrhegyi | Which is here: https://docs.google.com/document/d/11TyNLTf9YOz6yRVQp6xRy_z_Vhik89vVhagDmE0qbSI/edit# | 10:38 |
| LaurenceUrhegyi | It's an attempt to introduce someone with little to no prior knowledge to the project to the key aspects of Trustable. | 10:38 |
| LaurenceUrhegyi | I still need to work on: | 10:38 |
| LaurenceUrhegyi | Trustable Software Workflow | 10:38 |
| LaurenceUrhegyi | Open Control | 10:38 |
| LaurenceUrhegyi | Mustard | 10:38 |
| LaurenceUrhegyi | Git Audit | 10:38 |
| LaurenceUrhegyi | If anyone has a chance to review it this week then that'd be really helpful. It's become a little longer than I had anticipated, but it tries to be comprehensive whilst giving the relevant background and context, which is not a trivial task. | 10:39 |
| LaurenceUrhegyi | If I could request that you use the comments function rather than editing the text itself. | 10:39 |
| jmacs | Please don't put git-audit in it | 10:39 |
| LaurenceUrhegyi | why not? | 10:40 |
| jmacs | It's a throwaway tool I wrote in 4 hours as a proof of concept | 10:42 |
| jmacs | It's not meant to be used in anger | 10:42 |
| *** sambishop (~sambishop@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 10:47 | |
| *** tiagogomes (~tiagogome@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 10:47 | |
| LaurenceUrhegyi | I think it should still be in there. It'll just be an introduction to the principles of the tool, and how they fit into the TSW. | 10:51 |
| jmacs | As long as it's described in that context, that's fine | 10:52 |
| LaurenceUrhegyi | That's the plan. The idea is just to introduce each topic we've focused on to someone who hasn't been involved in the project. | 10:54 |
| *** sambishop (~sambishop@82-70-136-246.dsl.in-addr.zen.co.uk) has quit (Ping timeout: 258 seconds) | 10:58 | |
| LaurenceUrhegyi | paulsherwood: Is there any news from FOSDEM re your talk? | 11:01 |
| LaurenceUrhegyi | jmacs: I know the other submission, for the breakout room (if that's what it was called), was turned down. Did they give a reason? Was it full? | 11:02 |
| jmacs | 35 submissions and only room for 7-9 apparently | 11:06 |
| jmacs | That was for the testing and automation dev room | 11:06 |
| *** toscalix (~toscalix@90.170.203.139) has quit (Quit: Konversation terminated!) | 11:09 | |
| *** toscalix (~toscalix@90.170.203.139) has joined #trustable | 11:11 | |
| *** toscalix (~toscalix@90.170.203.139) has quit (Read error: Connection reset by peer) | 11:11 | |
| *** toscalix (~toscalix@90.170.203.139) has joined #trustable | 11:11 | |
| paulsherwood | LaurenceUrhegyi: talk was rejected | 11:18 |
| *** sambishop (~sambishop@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 11:21 | |
| LaurenceUrhegyi | ack | 11:24 |
| *** mdunford (~marc@82-70-136-246.dsl.in-addr.zen.co.uk) has quit (Ping timeout: 272 seconds) | 12:01 | |
| *** mdunford (~marc@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 12:19 | |
| paulsherwood | LaurenceUrhegyi: thanks for the minutes. can i suggest, though, that you reformat them as an email and send to the list? | 13:39 |
| -*- paulsherwood notices https://tech.slashdot.org/story/17/01/09/0438228/google-abandons-their-google-hangouts-api | 13:40 | |
| -*- paulsherwood doesn't think we need to rely on google for this content | 13:41 | |
| LaurenceUrhegyi | paulsherwood: fine by me, sure. | 14:07 |
| paulsherwood | tvm | 14:08 |
| LaurenceUrhegyi | done | 14:10 |
| *** LaurenceUrhegyi (~laurenceu@82-70-136-246.dsl.in-addr.zen.co.uk) has quit (Ping timeout: 240 seconds) | 14:33 | |
| *** LaurenceUrhegyi (~laurenceu@82-70-136-246.dsl.in-addr.zen.co.uk) has joined #trustable | 14:34 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 16:25 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 16:42 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 16:43 | |
| *** AlisonChaiken (~alison@12.1.72.210) has joined #trustable | 16:46 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 17:04 | |
| *** brlogger (~supybot@185.43.218.182) has joined #trustable | 17:08 | |
| *** brlogger (~supybot@185.43.218.182) has quit (Read error: Connection reset by peer) | 17:13 | |
| *** brlogger` (~supybot@185.43.218.182) has joined #trustable | 17:13 | |
| pedroalvarez | I believe that brlogger is stable now | 17:51 |
| pedroalvarez | I've recovered logs for previous days | 17:51 |
| pedroalvarez | apologies for this, and for the noise caused :) | 17:51 |
| persia | pedroalvarez: Thank you for your work on brlogger. Having reliable logs is very much appreciated. | 17:52 |
| *** mdunford has quit IRC | 17:55 | |
| *** ctbruce has quit IRC | 17:58 | |
| jmacs | https://gitlab.com/trustable/overview/wikis/pages/software-review-metadata is what I have on review metadata at the moment. Most of the git-candidate investigation turned out to be more relevant to gerrit so it's in that section. | 18:01 |
| jmacs | I'll add it to the list of pages if there are no objections overnight | 18:02 |
| *** mdunford has joined #trustable | 18:07 | |
| *** toscalix has quit IRC | 18:35 | |
| persia | jmacs: I wonder if it is worth considering the storage of information about multiple revisions of a candidate in each of the review systems. | 18:47 |
| persia | (including rebases) | 18:47 |
| persia | I don't know about gitlab, but I suspect there is an API. Most of the gerrit users I interact with use API clients such as git-review and gertty for reviews, rather than the web UI. | 18:48 |
| *** LaurenceUrhegyi has quit IRC | 18:49 | |
| persia | In another freenode channel, I've also seen the assertion "git-series is for contributors, git-appraise more for reviewers" as part of a discussion about selecting appropriate tools to track project changes as the project matures. | 18:50 |
| persia | Anyway, I think it is worth adding this to the list of pages: the core content expressed is more useful than specific addressing of any of my notes. | 18:53 |
| persia | On another subject, I think we've done ourselves a disservice with the TrustableSoftwareWorkflow diagram. Reading through https://lists.trustable.io/pipermail/trustable-software/2017-January/000184.html, I think mixing different UML diagrams served to confuse more than illuminate. | 18:54 |
| persia | I find myself agreeing with many of the diagram critiques (actor roles unspecified, desire for sequence diagrams, etc.), but thinking that some of the core ideas (e.g. generation of compliance documentation for each candidate revision of anything) were not clear. | 18:56 |
| * persia hopes that some User Stories will be a better platform to discuss who does what, and how, in the hopes of achieving consensus | 18:57 | |
| persia | Looking more at the git-candidate codebase, I think it contains more metainformation than gerrit, as git-candidate seems to permit cover letters and patchsets, whereas gerrit only manages patches (potentially with other patches as parents, but no explicit series support), and no cover letters. | 19:14 |
| jmacs | Thanks persia; git-appraise is one I hadn't heard of | 21:23 |
| persia | I'm not a particular fan, but it's a reasonable implementation of a solution to the problem, in go. Adoption appears low. | 21:24 |
| persia | https://patchwork.ozlabs.org/ is yet another solutiion, providing some additional benefits over a raw mailing list. | 21:25 |
| persia | One of the things that bothers me about git-appraise is that it attempts to categorise and distinguish all the potential classes of review (CI vs. analysis vs. discuss). I'm not confident there is enough noticeable differences between humans and robots that such distinctions help especially (or maybe I don't really like the idea of encoding roles in the metadata representation vs. interpolating roles from the identities and timestamps in the | 21:34 |
| persia | metadata) | 21:34 |
| jmacs | No, I don't think I see the need for that distinction either | 21:35 |
| persia | I've also heard second-hand comments that Phabricator is a good review platform, although I know nothing about it. If you're looking to be comprehensive, it may be worth finding a Phabricator-using project and looking at their workflow. I believe it stores metadata in a backend DB, and I believe the API only provides limited access to internals, but both of those datapoints are hearsay. | 21:38 |
| persia | I believe github and gitlab are similar enough to not need duplicate review, but I've only used them for hosting, so may be mistaken. | 21:39 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!