On Tue, Mar 25, 2014 at 2:43 PM, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote: > On Tue, Mar 25, 2014 at 09:29:12AM -0400, Josh Boyer wrote: >> > I like the idea of actually revisiting the list and deciding what to do, >> > although pulling them out of the repository seems unnecessarily drastic. >> This always winds up being the suggestion. Nobody actually does >> anything about it. I'd only be supportive of this on two conditions: > > Well, I was looking through the list.... there are some important packages > in here, including gcc, nss, samba, httpd, and a lot more. And tcp_wrappers. > :) Many of these really deserve the attention. > > Others.... maybe not so much. tix? Pyrex? > > (Also I notice festival is in there -- that's partly package and based on > long-ago work I did before the merge and I *know* it needs an update... > *sigh*) > >> 1) Actual bugs impacting actual people as a result of an improper spec >> file were present >> 2) One of the bodies responsible for packages in Fedora (FESCo, FPC, >> ?) agreed to conduct audits across all packages for guideline >> adherence at regular intervals. >> >> I'd be willing to not require item 1 if item 2 were actually done. It >> never has been, and if it had it would already suffice for the purpose >> the merge review tickets would serve today. > > I don't think that we need to do it across *all* packages. I'd like to see > it done initially for all packages that end up part of the base design. > That's a more manageable chunk and will focus the effort where it will have > the most benefit. The benefit would be? We shouldn't waste so much time and resources for a questionable gain. If there are issues with some packages file bugs (with patches) or better just fix it and be done with it. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
