Re: Orphaning php-codesniffer, then take it over by the PHP PEAR team
On Thursday 31 May 2012 16:15:31 Jonas Smedegaard wrote:
> [dropping PHP Pear team as cc]
> On 12-05-31 at 03:16pm, George Danchev wrote:
> > On Thursday 31 May 2012 11:47:21 Jonas Smedegaard wrote:
> > > > You and a lot of others fail to realize that the *SPONSOR* is
> > > > responsible for the package.
> > >
> > > Huh?!?
> > >
> > > What does "Maintainer:" mean if not the entity being responsible
> > > for, well, maintaining?!?
> > Who is responsible for the package maintenance in the case where a
> > non-DD is listed in "Maintainer:", and the package is obviosuly signed
> > and uploaded (effectively sponsored) by a DD? I guess it is perfectly
> > reasonable to expect that DD, being in the role of sponsor, is
> > responsible for the package quality and further maintenance. Sponsors
> > are full-fledged DDs, and trying to claim that they are not
> > responsible, or are somehow less responsible than any other
> > non-sponsoring DDs, for the uploads they have done, is obviously plain
> > wrong.
> You avoided my question, it seems: What does "Maintainer:" mean, then?
What does "Uploaders:" field mean?
> Seems to me that for sponsored packages the Maintainer field is a joke!
The gpg signature applied to the upload is not a joke, at all.
> Seems to me that for sponsored packages we need access to ftp logfiles
> to resolve who is responsible for maintaining the package.
Then, please, allow me to introduce you to the 'who-uploads' utility.
> I find both of those plain wrong. Possibly obviously and maybe even
> hilariously simple, but wrong nonetheless.
Nothing is wrong with the control fields and the gpg signatures applied to the
pub 4096R/0E4BD0AB <people.fccf.net/danchev/key pgp.mit.edu>