Christopher Aillon wrote: > You really don't see the value in having the engineers that own the code > give technical review? I don't think this should be a requirement for each and every patch to ANY Fedora package. It is generally not necessary and delays fixing bugs a lot. > Anyway, it's unfortunate that this really isn't done more often. I > really think that as a project, we'd be doing a lot better if we > mandated upstream review before applying patches to any package if you > aren't an upstream maintainer of the code. As it is now, it's somewhat > scary to think how many packagers would take a bugfix patch and apply it > without being able to figure out if there's a potential hidden exploit > in it... And you think the average upstream is any better at this? Seriously? Kevin Kofler -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel