On 8/22/07, Owen Taylor <otaylor@xxxxxxxxxx> wrote: > So you wouldn't be endorsing Joe Smith's Package Repository at all, Putting aside the debate of popularity != safety for the time being.... We don't have to "endorse" to run afoul of legal issues. Merely helping users compile a list of any 3rd party repositories is potentially off-limits. Can you point to anything we are doing right now, where we make any effort at all to comprehensively list 3rd party repositories inside the official fedora project space.. even in the wiki.. even without using urls? My understanding is that we aren't even allowed to do that. Even a simple list of repository entities, with absolutely no contextual information concern the quality or scope of their contents, may be beyond the bounds of what we are allowed to provide. Any reputation system inherently involves making such a list and then adding contextual information. "This repo exists" maybe a statement that is beyond what we are capable of saying in any official capacity. -jef"hopes we can implement this, so I can game the system and make my repository of deliberately malformed packages appear to be safe by installing 100,000 or so virtual machines and give them all unique smolt ids and have a bug tracker that reports back zero bugs found against all queries"spaleta -- Fedora-desktop-list mailing list Fedora-desktop-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-desktop-list