Based on Kushal Das’ (@kushaldas on GitHub) contributions thus far, I think he should become a SecureDrop maintainer. He’s a software engineer at FPF and has made significant contributions - most recently to the new update GUI. He has also worked on other smaller bugfixes and documentation improvements. He added our workflow (docs + CI) for adding type checks to the SecureDrop application code. Finally, he has assisted with QA and testing since the 0.5.x release series. With his wealth of experience, I’m confident he will make an excellent SecureDrop maintainer.
Please share any concerns here or privately if you prefer. Else feel free to
from me! @kushaldas has a great vision of how to push the SecureDrop project forward and has been super respectful in dealing with discussions that crop up in code-reviews (aka squabbles).
DISCLAIMER - @kushaldas bribed me with a little toy elephant to say these things
Agreed! @kushaldas is immensely knowledgeable and will be an excellent project maintainer.
I propose to wait a little longer, because the latest patches to securedrop-admin were untested and one of them was a hack.
On the same note, I would also like to see more healthy review discussions to be confident the huge sdconfig refactor squabble is something of the past. There should be many opportunities for that to happen in the next few weeks while I work with @kushaldas on i18n as well as the tools to automate it.
For what it’s worth, I can vouch for the character of @kushaldas. He would also bring a large amount of Python experience to the table, which would probably be useful in his status as a SecureDrop maintainer should that happen.
Since a maintainer has expressed a desire to wait a little longer, let’s wait a few more weeks and then try again for consensus. There is no rush and it is best to have us all be on the same page
My reservations were expressed in a language that is not appropriate in such a forum and I apologize for that. Since my reservations were not seconded, I withdraw them. @kushaldas, in his capacity as an FPF employee, needs extended rights to the SecureDrop respository in order to carry out the work he is assigned to do. FPF is ultimately responsible for granting full access to the repository and it does not make sense for a single community member to stand in the way. I appreciate the opportunity to express reservations, even if they are only advisory
Several months have passed since this was first discussed (community maintainers with reservations can indeed block people from getting maintainership, which I think is a good pattern: if people in the community are not comfortable, then we wait), and I’d like to raise this for discussion again.
I think the case is now very strong for Kushal for maintainership. He’s has taken over managing the excellent translation community that @dachary and others from the community had built. He’s also leading the effort on improving how we build Debian packages for SecureDrop: https://github.com/freedomofpress/securedrop-debian-packaging-guide. In addition, he’s participated in the regular release cycle since the 0.5.x series, doing QA and fixing bugs. There’s a lot more that I could say, but I think this already is more than enough to be a maintainer of the project.
Let me know what y’all think!
No objections here … my comments I said ~6 months ago still hold true
looks like we have consensus!