Re: Alternative plan for DDP
On Fri, Feb 06, 2004 at 11:30:04PM +0100, Francesco Paolo Lovergine wrote:
> On Fri, Feb 06, 2004 at 10:58:03PM +0100, Osamu Aoki wrote:
> > > Proposal:
> > >
> > > A nice script could be written to checksum scripts and create a
> > > signable list of trustable scripts on alioth.
> >
> > I thought about this route. But where and what permission to use to
> > store them. And where you keep these scripts. If these script are to
> > be kept in the CVS archive, this should be a group/project with
> > fewer member.
> >
>
> Ownership of the list is not essential.
True.
> Proper signing is a requirement to consider the list trustable. And
> the two scripts will be subject to changes rarely.
Yes.
> > > Then, another script on gluck could import only files in that list
> > > after proper checking. One of the PMs could so sign the list when all
> > > its files had been checked. This could ensure that only coherent and
> > > trustable scripts are used on gluck, and could avoid error-prone
> > > human-based copies.
> >
> > If you can make simple and clean script to all these without any
> > compication, that will be nice. But until then, 2 CVSROOT is the only
> > simple and sure solution. I am open for this fancy scheme if I see the
> > working solution.
> >
>
> I'll see what I can do about that.
When you make one, please make signiture per each document tree. So
proofreading of script are done by each responsible.
For example, following sections should be able to be signed by the
different DDs.
* release-notes
* dselect-beginner
* intro-i18n
* project-history
* debian-euro-support
Reply to: