Re: apt 0.6 and how it does *not* solve the problem
Russell Coker <email@example.com> writes:
> Removing from active status seems appropriate to me.
But that's a totally different subject. If you want to remove Debian
developers from the list of developers, because they haven't uploaded
in six months (what about packages that don't have bugs?!) then that's
a different topic. Please don't tie it to the security thing, which
doesn't require removing them as developers.
> If we are afraid of compromised packages then we can't have an automated
> method of changing status back to active.
I didn't suggest that. I suggested some kind of checking to see if
they are really the person. That would involve a person doing a
little effort. There is no effort-free procedure here.
My point is that if they have been idle, then an upload requires some
kind of human revalidation--but NOT a complete NMU procedure, or
removing them as a developer, or dropping their ability to vote, or
things like that.