On Mon, Jul 22, 2013 at 10:43:36AM -0400, Matthew Miller wrote: > On Mon, Jul 22, 2013 at 03:14:04PM +0100, Richard W.M. Jones wrote: > > I suspect this would be better if we made it much easier to automate > > "cpan2spec"-style mass importing of packages to RPM. So that, for > > example, you didn't need to separately review every single perl-* > > package that comes from CPAN, or every single rubygem. > > Yes, definitely an approach worth looking into. > > > (The obvious > > downside is that Fedora or Someone is going to be shipping an awful > > lot of dodgy, insecure, illegally-licensed software because all the > > checks we usually do to keep that out of the distro will be bypassed.) > > Well, obviously Someone is doing that quite a lot anyway. Fedora needs to > continue to avoid that. Here is where "work with upstream" comes in -- if we > put the same effort into reviewing packages in Fedora into reviewing the > same code at the _upstream_ packaging point, we significantly increase the > amount of good our work is doing _and_ we can draw in a larger community of > people interested in the same ends but not necessarily in Fedora or RPMs. You don't necessarily need to distribute these RPMs. You could have a tool that takes the upstream sources, compiles it, turns it into an RPM and installs that (all done on the end-user's machine). Of course, integrating that with yum is challenging; maybe a yum plugin can do it? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
