Disable autokarma if anyone gives a -1 to 'basic system functionality'

[lmacken]

If someone gives negative feedback with the "Does the system's basic functionality continue to work after this update?", we should disable the automatic pushing based on stablekarma...

We probably want to leave the unstable-karma auto-unpushing in this caes, but disable the automatic pushing to stable when it this happens.

[gbcox]

It isn't a good idea to give some random tester veto power over the maintainer. There are a multitude of reasons that a particular tester may give negative karma. That is why the system has been setup to have negative karma affect the total score.

[mattdm]

@gbcox As long as the maintainer is able to override and push anyway, I don't think that's a problem. Then it's not veto power, just a "hey, a human really needs to look at this before it's pushed".

[mattdm]

@trishnaguha and @bowlofeggs — looks like #894 only applies to critical updates. Why not all updates? "Critical" in that sense just means "critpath" — but there are plenty of non-critpath updates which land on many people's systems and could conceivably cause harm.

[gbcox]

@mattdm Thanks for the response Matt - it was merged months ago anyway. Given the fact that many maintainers haven't yet figured out how to use bugzilla I can understand why the project has concerns about the way they handle their own updates.

[mattdm]

That's, uh, not what I said.

[gbcox]

I didn't say you did. However, obviously the project has a concern or they wouldn't be making this change.

[trishnaguha]

@mattdm autopush will be disabled if critical update receives negative karma. This is not applied for non-critical updates. I don't think it is a good idea to disable autopush for every kind of update right after it receives negative karma. IMO the update that can cause harm can be marked as critical update instead?

[mattdm]

@trishnaguha Can you elaborate on why it doesn't seem like a good idea?

Here's a (made up but possible!) example — let's say I use a personal information management system to keep track of contacts and so on. It's not a standard GNOME application and not part of the normal desktop, but I rely on it, and other Fedora users might too.

An update goes out and a couple of people +1 it. Then, I discover that it has a bug where if I enter an appointment on Sunday, all my data is deleted. I go and put a -1. Then, a couple more people come, don't read my feedback and give "+1 seems to run!". Ooops!

It doesn't make sense to make a application like this a critical path package — but we probably don't want that update going out without further investigation!

[bowlofeggs]

On Wed, 2016-12-21 at 16:47 -0800, Matthew Miller wrote:

@trishnaguha and @bowlofeggs — looks like #894 only applies to critical updates. Why not all updates? "Critical" in that sense just means "critpath" — but there are plenty of non-critpath updates which land on many people's systems and could conceivably cause harm.

Hey Matthew!

I believe #894 did it that way because the subject of #879 was to "Disable autokarma if anyone gives a -1 to 'basic system functionality'". The basic system functionality question is only given on critical path updates, so it was thus implied that this behavior should only happen on critical path updates. So that's the history there - we can change it if needed.

[bowlofeggs]

On Fri, 2016-12-23 at 11:05 -0800, Matthew Miller wrote:

Can you elaborate on why it doesn't seem like a good idea? Here's an example — let's say I use a personal information management system to keep track of contacts and so on. It's not a standard GNOME application and not part of the normal desktop, but I rely on it, and other Fedora users might too. An update goes out and a couple of people +1 it. Then, I discover that it has a bug where if I enter an appointment on Sunday, all my data is deleted. I go and put a -1. Then, a couple more people come, don't read my feedback and give "+1 seems to run!". Ooops! It doesn't make sense to make a application like this a critical path package — but we probably don't want that update going out without further investigation!

Perhaps another option is just to disable autokarma if any user gives a -1 - at that point the maintainer would have to read the feedback and make a manual decision. I think this would be easier to implement than to ask the "basic system functionality" question on every update (which I think might also be confusing since the general karma +1/-1 is also there).

[mattdm]

@bowlofeggs Oh! That makes perfect sense. Sorry. My mind substituted "basic system functionality" into "Is the update generally functional?" — which is asked for non-crit-path updates. I think

just to disable autokarma if any user gives a -1 - at that point the maintainer would have to read the feedback and make a manual decision.

is exactly the right thing. Do you want a new issue filed for that?

[bowlofeggs]

On Fri, 2016-12-23 at 16:04 -0800, Matthew Miller wrote:

I think "just to disable autokarma if any user gives a -1 - at that point the maintainer would have to read the feedback and make a manual decision." is exactly the right thing. Do you want a new issue filed for that?

Sure!