Debian by its numbers, as seen by keyring-maint

At keyring-maint, we got a request by our DPL, querying for the evolution of the number of keys per keyring – This can be almost-mapped to the number of Debian Developers, Debian Maintainers, retired and deleted accounts over time since the keyrings are maintained over version control.

Stefano insisted this was more out of curiosity than anything else, but given the task seemed easy enough, I came up with the following dirty thingy. I'm sure there are better ways than cruising through the whole Bazaar history, but anyway - In case you want to play, you can clone an almost-up-to-date copy of the tree: bzr clone http://bzr.debian.org/keyring/debian-keyring/

#!/bin/perl
use strict;
my ($lastrev, @keyrings, %revs, $fh);
open $fh, '>growth_stats.txt' or die $!;
 
@keyrings = sort qw(debian-keyring-gpg debian-keyring-pgp 
                    debian-maintainers-gpg
                    emeritus-keyring-gpg emeritus-keyring-pgp 
                    removed-keys-gpg removed-keys-pgp);
 
system('bzr unbind'); # Huge speed difference :-P
$lastrev = `bzr revno`;
 
for my $entry (split /^---+$/m, `bzr log`) {
    my ($rev, $stamp);
    for my $line (split(/\n/, $entry)) {
	next unless $line =~ /^(revno|timestamp): (.*)/;
	$rev = $2 if $1 eq 'revno';
	$stamp = $2 if $1 eq 'timestamp';
    }
    $revs{$rev} = { stamp => $stamp };
}
 
spew('Revision', 'Date', @keyrings);
system('bzr bind')
 
for my $rev (sort {$a=>$b} keys %revs) {
    system("bzr update -r $rev");
    spew($rev, $revs{$rev}{stamp}, 
	 map {my @keys=$_/*>;scalar(@keys)} @keyrings);
}
 
sub spew {
    print $fh join('|', @_),"\n"
}

And as a result... Yes, I fired up OpenOffice instead of graphing from within Perl, which could even have been less painful ;-) I had intended to leave graphing the data raw (also attached here) as an excercise to the [rl]eader... But anyway, the result is here (click to view it in full resolution, I don't want to mess your reading experience with a >1000px wide image):

A couple of notes:

• Debian Developers are close to the sum of debian-keyrings-pgp and debian-keyrings-gpg
• After a long time pestering developers (and you can see how far down the tail we were!), as of today, debian-keyrings-pgp will cease to exist. That means, no more old, v3, vulnerable keys. Yay! All the credit goes to Jonathan. Some last DDs using it are still migrating, but we will get them hopefully soon.
• To be fair... No, the correct number is not the sum. Some people had more than one key (i.e. when we had ~200 keys in debian-keyring-pgp). The trend is stabilizing.
• Of course, the {removed-keys,emeritus-keyring}-{pgp,gpg} will continue to grow. Most removed keys are a result of tons of people migrating over from 1024D to stronger 4096R keys
• You can easily see the points where we have removed inactive developers (i.e. the main WAT lack-of-response, as seen at about ¾ of the graph)
• keyring-maint handles the Debian Maintainers keyring since late 2009. There is a sensible increase (~10% in six months), although I expected to see that line grow more. I think it's safe to say the rate of influx of DMs is similar to the rate of influx of DDs - Of course, many DMs become DDs, so the amount of new blood might be (almost) the sum of the two positive slopes?

Anyway, have fun with this. Graphics are always fun!