• Ephera@lemmy.ml
    link
    fedilink
    arrow-up
    16
    arrow-down
    2
    ·
    27 days ago

    I find that difficult. Aside from code reviews, often times your job as a maintainer is:

    • getting a refactor or code cleanup in while everyone’s asleep
    • shuffling commits around between branches
    • fixing the CI toolchain
    • rolling back or repairing a broken change
    • unfucking the repo
    • fixing a security vulnerability

    A required review slows all of these tasks to a crawl. I do agree that the kernel is important enough that it might be worth the trade-off.
    But at the same, I do not feel like I could do my (non-kernel) maintainer job without direct commit access…

    • Em Adespoton@lemmy.ca
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      26 days ago

      I feel your pain. I have maintainer roles for a few projects where things could be slowed down by a week or more if I didn’t have direct commit access. And I do use that access to make things run faster and smoother, and am able to step in and just get something fixed up and committed while everyone else is asleep. But. For security critical code paths, I’ve come to realize that much like Debian, sometimes slow and secure IS better, even if it doesn’t feel like it in the moment (like when you’re trying to commit and deploy a critical security patch already being exploited in the wild, and NOBODY is around to do the review, or there’s something upstream that needs to be fixed before your job can go out).