Re: This is how packaging should be done.
On Mon, Jun 10, 2002 at 08:45:12AM -0400, Stephen Frost wrote:
> * Jeremiah Mahler (jmahler@pacbell.net) wrote:
> > On Mon, Jun 10, 2002 at 08:22:41AM -0400, Michael Stone wrote:
> >
> > What about the idea that anyone (not just maintainers) can submit
> > packages and they will available immediately to others without
> > having to go through an intermediate person.
>
> Bad idea from a security standpoint, of course.
Not everyone is forced to use the packages contributed from the public.
There can still be packages approved by official developers. A user
could decide to only use the packages marked as approved and they would
be as safe as Debian is now.
>
> > In contrast, Debian allows only specific people to add new packages
> > and only the maintainer can fix their packages. This requires work
> > by specific people which makes development slow.
>
> "Specific people" being the entire set of Debian people, which is a
> pretty decently sized set of people.
>
What about the situation where a package is broken and the maintainer
is unreachable. In the model described in the article anyone could
fix the package (assuming it is not a critical package) but it would
be marked as new so that people who only want safe packages would
know to stay away from it. Then, if the maintainer comes back he/she
could check the package and approve it so that it could now be used
by people who want safe packages.
> Stephen
--
Jeremiah Mahler
<jmahler@pacbell.net>
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: