>>>>> "BN" == Bill Nottingham <notting@xxxxxxxxxx> writes: BN> Right, but you're an authorized user who (may) do some sort of BN> rudimentary check for '100 GB source tarball' or 'is an obvious BN> trojan', etc. before submitting the build. Would this automated BN> system do that? Well, that's a fair question, and do note that I have no involvement with the currently proposed system. (I don't even agree with the name that's been chosen for it.) But when I initially talked about scraping the last src.rpm posted in every open package review ticket and dumping it on koji, people didn't raise any issues. I was specifically asking about where there were any security or DOS issues involved in that. It is entirely possible that folks behind the current proposal saw that discussion. - J< -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
