diff options
author | github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> | 2023-08-15 00:11:16 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-15 00:11:16 +0000 |
commit | 93341b51c2e3c1e7e0ac8b540c33e46378aed76d (patch) | |
tree | b63968397a4510e8ec3a0e36eea10d8c9f923ab1 /maintainers | |
parent | 892d1fbc85a0ae1d166b2f55f830495ca87dc99a (diff) | |
parent | ecfbcc51f2a9579c9a7660d9bf817c4e929305c4 (diff) |
Merge master into haskell-updates
Diffstat (limited to 'maintainers')
-rw-r--r-- | maintainers/README.md | 114 | ||||
-rw-r--r-- | maintainers/maintainer-list.nix | 14 | ||||
-rw-r--r-- | maintainers/team-list.nix | 10 |
3 files changed, 131 insertions, 7 deletions
diff --git a/maintainers/README.md b/maintainers/README.md new file mode 100644 index 0000000000000..e128818519253 --- /dev/null +++ b/maintainers/README.md @@ -0,0 +1,114 @@ +# Nixpkgs Maintainers + +The *Nixpkgs maintainers* are people who have assigned themselves to +maintain specific individual packages. We encourage people who care +about a package to assign themselves as a maintainer. When a pull +request is made against a package, OfBorg will notify the appropriate +maintainer(s). + +## Reviewing contributions + +### Individual maintainer list + +When adding users to [`maintainer-list.nix`](./maintainer-list.nix), the following +checks should be performed: + +- If the user has specified a GPG key, verify that the commit is + signed by their key. + + First, validate that the commit adding the maintainer is signed by + the key the maintainer listed. Check out the pull request and + compare its signing key with the listed key in the commit. + + If the commit is not signed or it is signed by a different user, ask + them to either recommit using that key or to remove their key + information. + + Given a maintainer entry like this: + + ``` nix + { + example = { + email = "user@example.com"; + name = "Example User"; + keys = [{ + fingerprint = "0000 0000 2A70 6423 0AED 3C11 F04F 7A19 AAA6 3AFE"; + }]; + } + }; + ``` + + First receive their key from a keyserver: + + $ gpg --recv-keys 0xF04F7A19AAA63AFE + gpg: key 0xF04F7A19AAA63AFE: public key "Example <user@example.com>" imported + gpg: Total number processed: 1 + gpg: imported: 1 + + Then check the commit is signed by that key: + + $ git log --show-signature + commit b87862a4f7d32319b1de428adb6cdbdd3a960153 + gpg: Signature made Wed Mar 12 13:32:24 2003 +0000 + gpg: using RSA key 000000002A7064230AED3C11F04F7A19AAA63AFE + gpg: Good signature from "Example User <user@example.com> + Author: Example User <user@example.com> + Date: Wed Mar 12 13:32:24 2003 +0000 + + maintainers: adding example + + and validate that there is a `Good signature` and the printed key + matches the user's submitted key. + + Note: GitHub's "Verified" label does not display the user's full key + fingerprint, and should not be used for validating the key matches. + +- If the user has specified a `github` account name, ensure they have + also specified a `githubId` and verify the two match. + + Maintainer entries that include a `github` field must also include + their `githubId`. People can and do change their GitHub name + frequently, and the ID is used as the official and stable identity + of the maintainer. + + Given a maintainer entry like this: + + ``` nix + { + example = { + email = "user@example.com"; + name = "Example User"; + github = "ghost"; + githubId = 10137; + } + }; + ``` + + First, make sure that the listed GitHub handle matches the author of + the commit. + + Then, visit the URL `https://api.github.com/users/ghost` and + validate that the `id` field matches the provided `githubId`. + +### Maintainer teams + +Feel free to create a new maintainer team in [`team-list.nix`](./team-list.nix) +when a group is collectively responsible for a collection of packages. +Use taste and personal judgement when deciding if a team is warranted. + +Teams are allowed to define their own rules about membership. + +For example, some teams will represent a business or other group which +wants to carefully track its members. Other teams may be very open about +who can join, and allow anybody to participate. + +When reviewing changes to a team, read the team's scope and the context +around the member list for indications about the team's membership +policy. + +In any case, request reviews from the existing team members. If the team +lists no specific membership policy, feel free to merge changes to the +team after giving the existing members a few days to respond. + +*Important:* If a team says it is a closed group, do not merge additions +to the team without an approval by at least one existing member. diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index a3b4220c94534..0d96167b5e8e9 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -9175,12 +9175,6 @@ githubId = 2037002; name = "Konstantinos"; }; - kototama = { - email = "kototama@posteo.jp"; - github = "kototama"; - githubId = 128620; - name = "Kototama"; - }; kouyk = { email = "skykinetic@stevenkou.xyz"; github = "kouyk"; @@ -14668,7 +14662,7 @@ name = "Rahul Butani"; }; rs0vere = { - email = "rs0vere@outlook.com"; + email = "rs0vere@proton.me"; github = "rs0vere"; githubId = 140035635; keys = [{ @@ -16342,6 +16336,12 @@ github = "sweenu"; githubId = 7051978; }; + swesterfeld = { + email = "stefan@space.twc.de"; + github = "swesterfeld"; + githubId = 14840066; + name = "Stefan Westerfeld"; + }; swflint = { email = "swflint@flintfam.org"; github = "swflint"; diff --git a/maintainers/team-list.nix b/maintainers/team-list.nix index 5e3a01412ee8a..7d6df479d6edd 100644 --- a/maintainers/team-list.nix +++ b/maintainers/team-list.nix @@ -892,4 +892,14 @@ with lib.maintainers; { shortName = "Xfce"; enableFeatureFreezePing = true; }; + + zig = { + members = [ + AndersonTorres + figsoda + ]; + scope = "Maintain the Zig compiler toolchain and nixpkgs integration."; + shortName = "Zig"; + enableFeatureFreezePing = true; + }; } |