On Wed, 2006-07-05 at 15:37 +0200, Thorsten Leemhuis wrote: > No there isn't. In an ideal world there should be one, but there are a > lot of others things that aren't done currently that should be done > first before we get a step closer to that ideal world. > > Further: A basic security check would mean that each packager and the > reviewer must understand and know the programming language the software > he packages is written in. And that's often not the case and would make > packaging and reviewing even more complicated (it hard enough already) I think that a basic understanding of the code which you're patching and shipping _should_ be considered a requirement in the general case, yes. I've said it before, and because I'm right I'll say it again: Fedora needs _maintainers_, not just package-monkeys. > Heck, it's probably even worse: There are afaik a lot of Extras > packagers that simply are no real programmers at all. I for example > don't know C or C++, my Java skills are limited, I never found enough > time to really dig into python and the only think I understand well is > bash -- and that's not a real programming language. > > It seems to me that a lot of people often forget that. But does that > mean that I (and all the other non-programmers) should stop contributing > to Extras? You, Thorsten, are a special case -- you're downplaying your own capabilities. I know perfectly well that you pay attention to detail and you're entirely capable of seeking out assistance when you need it. And I don't suggest that even in general such people should "stop contributing to Extras"; just that they should not be sponsored as package _maintainers_ -- at least for packages containing code they don't understand. -- dwmw2
