On Thu, Dec 22, 2016 at 11:08:21AM -0000, Iiro Laiho wrote: > I am sorry if I ended up insulting any Bodhi volunteers. That was not my intention. My intention was point out the risks of trusting the word of people on the Web without proper screening. We are a community of world-wide volunteers working on making a linux distribution so we are pretty much a community of people on the web. As such which screening would you want to see before trusting our contributors? I think everybody will agree that the web is large and some corners are darker than other. The project at large got some large waves of spams hitting us in the last months, so we are aware that the world isn't all unicorns and kittens. But putting screening in place in a way that isn't counter-productive to how a community is built (which I believe is: trust) seems like a difficult task. So what are you thoughts and ideas to try improving, extending our community while developing a sense of trust in our fellow contributors? Also, let's not forget that we are speaking about: - a community member that is trusted enough to have access to our packages and build system pushed a new package update - other community members are reporting pro/against this update In this last step what is the worst that could happen? Random people giving negative or positive feedback just to annoy us? So the packager will loose a time figuring out if the comments/feedbacks are legit and go to bodhi and click on the ``Push to stable`` button instead of relying on autokarma? Seems to me like the risk here is pretty limited, we're not talking about something that would be critical to our infra. Pierre _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
