:: [DNG] What you saw on devuan.org ye…
Top Page
Delete this message
Reply to this message
Author: Jaromil
To: dng
Subject: [DNG] What you saw on devuan.org yesterday was an April's fools joke
dear readers,

as a Devuan caretaker and co-founder, in my own personal capacity, let
me state that:

1. There was no break-in on any part of Devuan's infrastructure on 1st
April. This was the most skillfull prank I've witnessed in my life.

2. Devuan comes WITHOUT ANY WARRANTY. Bluntly put, if you want to hold
someone liable, you need a contract. There are many professionals
here and in the world who can offer you support. Blaming any Devuan
developer for problems caused by his/her actions, be it a joke or a
mistake, is nonsense. Do read the license, if you need to hold
anyone liable for your own needs then make sure you have a contract
with somoene. It is entirely up to you to trust us or not

3. At Dyne.org - a public ICT research institution working with the
European Commission and some major municipalities - we use Devuan
in production. Clearly we need the reliability: so we work for
it. We are not only developing Devuan, but also we have an in-house
continuous-integration infrastructure to build packages and new
images for Devuan's many targets. I encourage everyone reading to
consider contributing to Devuan and at the same time plan your own
way of making a community project reliable for your own
professional use.

4. Katolaz is not just one of the caretakers of Devuan, but is by far
   the developer making the most significant contributions to this
   project. If it wasn't for him, we would be stuck at Jessie,
   IMHO. For our community project, he has done:
    - about 75 Devuan packages
    - all the Devuan installers since Jessie RC
    - all the minimal-live images since Jessie Beta2
    - development on the Devuan SDK
    - work on the sysvinit package in Debian
    - maintainance of all our critical infrastructure, including
      all the building hosts, jenkins, dak, amprolla, pkgmaster,
      mirrors, BTS, file server, all the ganeti nodes, DNS, web,
      and what not.

I wish there would be no need for a personalising argument in this
email, however given the attack Katolaz received I think of it as
necessary. I've been through something like this myself on this
very list, leading also to vandalization of wikipedia pages about
my work. Is not funny at all and some solidarity helps a lot.

This mail is signed with the same 8192B RSA GPG key who signs all
packages distributed by Devuan. I'm not sure if we can go deeper in
trust... my former key signs this one too and was in turn signed by
GPG's author. Perhaps now I'll ask Werner to reach us in Amsterdam and
cuddle on the couch a bit ;^)


  Denis "Jaromil" Roio      https://Dyne.org think &do tank
  Ph.D, CTO & co-founder    software to empower communities
  ✉ Haparandadam 7-A1, 1013AK Amsterdam, The Netherlands
  ✩ Profile and publications: https://jaromil.dyne.org
  𝄞 crypto κρυπτο крипто गुप्त् 加密 האנוסים المشفره
  ⚷ 6113D89C A825C5CE DD02C872 73B35DA5 4ACB7D10