[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Proposal for removal of mICQ package

Le jeu 13/02/2003 à 17:52, Anthony Towns a écrit :
> On the other hand, this makes no sense at all. The package doesn't have
> intractable security holes, or license problems, and the bugs that've
> gotten us into this mess are all trivial to fix.

But the upstream maintainer has proven to be untrustworthy. I think it
is a good reason enough to avoid software he maintains and consider it
as unsuitable for Debian.

> 	(a) avoiding packages that've been trojaned upstream entering
> 	    Debian, either through a Debian maintainer or via the
> 	    sponsorship system?

You cannot ask the maintainers to review every single line of upstream
code, especially when it is moving fast (I don't know whether it is the
case for micq). Or else, we will have to seriously decrease the number
of packages we provide.

> 	(b) how to best interact with upstream maintainers that can get
> 	    exceedingly obnoxious?

The author can be obnoxious without trojaning the code. This is a
different matter.

 .''`.           Josselin Mouette        /\./\
: :' :           josselin.mouette@ens-lyon.org
`. `'                        joss@debian.org
  `-  Debian GNU/Linux -- The power of freedom

Attachment: signature.asc
Description: PGP signature

Reply to: