However, when you look at it, RVM looks quite scary.

The recommended installation instruction is:
bash < <( curl http://rvm.beginrescueend.com/releases/rvm-install-head ).
That script doesn’t use set -e, and actually does a git clone behind the scenes. Without first checking that git is installed. But if you don’t have git installed, it’s not a problem: there’s another script later on the page that downloads and compiles it for you.

After installing RVM itself, you need to install rubies (different ruby implementations). Use rvm install ree,1.9.2-head,jruby. That will automatically download and build the various versions in your homedir. It’s interesting to note the the compilation messages were probably too scary, and are not displayed.

But how does it handle the switch between different versions ? First, you need to add some magic to your .bashrc:
[[ -s "$HOME/.rvm/scripts/rvm" ]] && . "$HOME/.rvm/scripts/rvm"
or, for a system-wide install of rvm:
[[ -s "/usr/local/rvm/scripts/rvm" ]] && . "/usr/local/rvm/scripts/rvm"
And then, you can select your ruby implementation using rvm --default 1.9.2, for example. That works by redefining $PATH:
# echo $PATH
/usr/local/rvm/gems/ruby-1.9.2-p0/bin:/usr/local/rvm/gems/ruby-1.9.2-p0@global/bin:/usr/local/rvm/rubies/ruby-1.9.2-p0/bin:/usr/local/bin:/usr/local/bin:/usr/local/sbin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/bin/X11

Of course, that’s quite fragile: if you are in one of the cases where bash doesn’t read .bashrc, or if you happen to be using dash, you lose.

Looking at the code of RVM itself, it is also very fragile: it’s pure bash, without any error handling. During my test (in a chroot), I often got error messages about missing commands that were apparently ignored. The installer insists on using colors, and spews lots of error messages if executed without a controlling tty. There are also some interesting code snippets like perl -e 'sleep 0.5'.

So, where do we go from here? Well, obviously, with my Debian hat, I’m not going to advocate a solution that makes everything possible to avoid the distribution’s packaging system, and I don’t see RVM being packaged in Debian anytime soon.
In Debian, we already provide co-installability of Ruby 1.8 and 1.9.2, and users are free to choose which one to use on a per-script basis, by running them with version-suffixed ruby executables. The ‘ruby’ executable itself still points to 1.8, as it’s clearly too early to make 1.9.2 the default. Many Ruby libraries are provided for both 1.8 and 1.9.2, and we plan to discuss changes in the packaging system to be able to make it easier to provide packages for both versions. There’s also recent work on packaging JRuby, but it’s quite hard as it requires removing all the non-free or undistributable parts, and packaging them separately.

It’s quite fun to try to remember the context of your first upload to Debian (which package, who sponsored it), and look at the other contributors that “graduated” at the same time as you did. Or to see the constant flux of new contributors.

Each time this discussion comes back, people seem to think that we need another membership status for them. But what for?

It’s true that the name “Debian Developer” is suboptimal for non-programmers. But it’s also suboptimal for most DDs, since most of us don’t strictly develop software: we “just” maintain packages, mainly developing meta-data around the upstream source code. “Debian Developer” is how we call our full-fledged project members. Do we want to classify those non-programming contributors as second-class citizens? If not, we need to make them “Debian Developers”, not some strange other name.

Of course, there’s the issue of security and trust. Debian Developers have upload rights on all packages, and access to the project’s machines. And it’s a bit strange to trust non-programmers with that level of power. On the other hand, we have many Debian Developers that are mostly inactive, became DDs half a decade ago, and have the same access rights. Worst, it’s possible that they remember how to use dput, having used it before! And 95% of DDs (me included) should probably not be uploading the libc, even if they can. Why should they be more trusted than active non-programming contributors that probably would be quite scared by the idea of breaking something?

Overall, I think that this issue is actually a non-issue. We should:

• Acknowledge that, when a non-programming contributor has made notable contributions to Debian (proven by the advocacy of current members) and passed the relevant parts of the Philosophy and Procedures check, it should be made a Debian developer.
• Orthogonally, acknowledge that we have a problem with security due to the size and the volunteer nature of the project, and address it independently. For example, shell accounts could be disabled after 3 months without connecting to Debian machines (and be re-enabled by the DD on http://db.debian.org/). And upload rights could be limited to non-core packages (and extended by the DD on http://db.debian.org/ too). It’s not about adding intermediate levels of membership, just about giving the possibility to developers to add a safe-guard against themselves.

Since it really makes sense to expose bugs with patches to the Debian maintainers, I’ve modified the Ubuntu box on the Packages Tracking System and the Ubuntu column on the QA Packages Overview (hidden by default for now) to include that information. You can see the result on the dpkg PTS page and the debian-pkg@ packages overview page.

Many thanks to Brian Murray for making this possible on the Launchpad side.

select count(*) from bugs
where affects_unstable and status = 'pending'
and id in (select id from bugs_tags where tag ='patch');

select count(*) from bugs
where affects_unstable and status = 'pending';

select count(distinct bugs.bug)
from ubuntu_bugs_tasks tasks,ubuntu_bugs bugs
where tasks.bug = bugs.bug
and distro in ('', 'Ubuntu')
and status not in ('Invalid', 'Fix Released', 'Won''t Fix')
and bugs.patches is true;

select count(distinct bugs.bug)
from ubuntu_bugs_tasks tasks,ubuntu_bugs bugs
where tasks.bug = bugs.bug
and distro in ('', 'Ubuntu')
and status not in ('Invalid', 'Fix Released', 'Won''t Fix');

The tasks are:

• get a grasp on what instest does, the script used to analyze the results, and the current results (yes, I know there are some obvious false positives).
• find possible improvements (isolate false positives or common error cases) and improve the scripts (no need to learn Ruby, I can help with that part)
• file bugs (there are scripts – based on my archive rebuild ones – to do that efficiently)

If you want to help, just contact me at Debconf!

[options]
allow_cancellation = true

Here is my TODO list, basically by order of “willingness to do the work”. It’s probably too much for 9 days, so don’t hesitate to talk to me if you want to help with some items.

• Switch the ruby1.9.1 package to a prerelease of Ruby 1.9.2. That package providing the development branch of the interpreter. That will be done while keeping the existing package name, as Ruby 1.9.1 and 1.9.2 are (supposed to be) compatible. It might be a bit confusing for users to have a ruby1.9.1 package that installs Ruby 1.9.2, but then we can just blame the upstream developers for using the same numbering space for “ruby compatibility level” and “ruby version”. Bonus: will fix 2 FTBFS on {kfreebsd-,}i386. ruby1.9.1 1.9.2~svn28788-1 uploaded, but it really means “ok, enough, let’s upload and see what happens”. There are some open issues on FreeBSD, and some patches that still require porting to that version.
• Update the ruby1.8 package. There’s a few patches pending (including the “ruby is slow because of pthread” one). ruby1.8 1.8.7.299-2 uploaded, sync to Ubuntu requested.
• Run an archive-wide test using instest again. instest is a piuparts re-implementation that is targetted at making it easy to file bugs about installation and removal failures. It’s nothing big, really, but already allowed to file 78 RC bugs a few months ago. Done, and call for help posted. Which raises another TODO item:
  • Process instest failures if nobody wants to help … Well, done partially. The number of issues found justifies that those tests are useful, so I’m a bit annoyed that nobody volunteered to help.
• Run an archive rebuild. I did one last week-end mainly to provide food for RCBC, but there are some failures that haven’t been filed because they required more investigation. I also need to check back with various people about some custom rebuilds (newer GCC, etc). And I’ll probably also do a rebuild of Ubuntu maverick.Rebuild done, about 70 new RC bugs filed, and some cleanup done on old unreproducible bugs. Also did a rebuild with an updated hardening-wrapper for Raphael Geissert, and a rebuild of Ubuntu maverick on i386 and amd64 (results posted on ubuntu-devel@).
• Do a ddpo-by-mail run. Last one was a longgg time ago. I have a few open requests about ddpo-by-mail that I’d like to address before spamming people again (for example, it shouldn’t report about merged bugs).Done, ~1300 emails sent.
• Ultimate Debian Database work: merge the upload-history importer into UDD itself to drop the dependency on a script on merkel. Also address #540132 (strange info in the upload-history table). Make sure the changes to carnivore about DMs are compatible with the carnivore importer. All done!
• Investigate how we could improve Ruby packaging with something like ruby-support. One of the requirements is to provide an easier way to support several Ruby versions.
• Do some work on feed2imap. It got a few valid feature requests recently that I’d like to address in a 1.1 release.
• Debian/Ubuntu work: add info about bugs with patches to the PTS now that this info is available in UDD thanks to Brian Murray’s work on the Launchpad side, and other pending work items from the Debian/Ubuntu BOF at UDS
• Work on Bapase and the handling of poorly maintained and low-quality packages, resurrecting an old thread on debian-qa@
• Do some packaging work: systemtap 1.3, tcsh, websec (long overdue!), and the usual pkg-ruby-extras shores. I also would like to take a look at the atlas FTBFS as I’m affected through hpcc.
• Update developers-reference. I’m totally in lazy mode about that since the maintenance was transferred to debian-policy@, but I will try to address bugs with valid patches.