No matter how careful you were, sometimes changes in nixpkgs simply break things. But regularly, I stumble upon accidents that could have been avoided, and if you look at enough of them you start recognizing patterns:
- Many of them were “trivial” or innocent-looking, like package bumps or small refactorings.
- Many of them were merged rather quickly, sometimes within hours.
- Many of them were self-merges.
- Many of them had little to no review except from maybe “diff LGTM”.
- Some of them didn’t even properly evaluate, which means they hadn’t been tested at all before merging.
Some of these are more actionable than others. For a start, I’d like to have PRs open for at least 24h before merging, to give people a reasonable chance to have a look at it. I’m thinking of a simple “wait 24h” CI pass that will help with this.
Self-merges should be frowned upon (even more than today). I know that we are still understaffed and that some things just don’t get reviewed, but I expect a realistic effort to at least try and give people a chance to have a look at it. (Ping some people, give them a good week to respond for example.)
Some of these breaking PRs are what I call “reckless merging”. I doubt that we can enforce some realistic review standards technically (
nixpkgs-review for example does make no sense for a lot of changes), but when things break it’s rather easy to deduce the lack of care afterwards. Admittedly, these don’t happen often, but they still happen often enough that I just spent an hour writing this post because I’m pissed. So let’s discuss this in public and make things better.