Extras Security Policy

Ralf Corsepius rc040203 at freenet.de
Thu Sep 8 07:19:01 UTC 2005

On Thu, 2005-09-08 at 09:04 +0200, Linus Walleij wrote:
> One of the crucial things involved here is monitoring of upstream in 
> actively used and developed software. One potential problem could be 
> people losing interest or taking on maintenance of too many packages so
> that they lose focus.

One remedy would be to share maintainership instead of trying to
encourage a "one package - one maintainer" policy as FE policies
currently do.

> Perhaps one could state some cleartext about the responsibilities of a 
> package maintainer, and how to properly resign? I have not seen such a 
> thing yet.

IMO, the problem reaches deeper: FE entirely lacks a post-release QA

Once a package has entered CVS, maintainers have all kinds of freedom to
commit all kinds of foolishness they want to commit ;)


