Re: opposition against clamav-data in debian volatile
On Sun, 20 Sep 2009 17:10:45 +0200, Luk Claes <firstname.lastname@example.org> wrote:
>Hmm, nothing is black and white. The current way of uploading
>clamav-data is suboptimal and ftpmasters don't want that to continue
>when volatile is integrated in the main archive. Though that does not
>mean there are no alternatives. Back then you did not seem interested in
>any alternative way of doing it and rather discontinue the service
>completely. Is this still true or should we start thinking of alternatives?
As long as you do not expect me to manually sign every single upload,
I'm fine with alternatives. Back when Andreas was in charge, he said
that he'd prefer the packages to be unsigned instead of being
automatically signed with a passphaseless key.
I am fine with reducing the upload frequency (and would, in that case,
continue to provide more frequently built packages on people.d.o), but
I am not fine with regular manual work being required. I am also fine
with more paranoia before the upload, for example, to have kind of a
"master" package on a trusted system which would be debdiffed against
a newly built package to catch differences in the file list.
It would be massively easier if I knew what are the real issues
instead of sending someone saying in IRC "ftpmaster doesn't want
clamav-data any more, please ready yourself to see your work going
down the drain" but doesn't know any more.
That being said, it looks like volatile's policies are going to change
BIG TIME when it gets integrated into the main archive, and frankly,
as a volatile user, I'd rather see volatile stay separate than seeing
some of its previous principles dumped.
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834