On Fri, Feb 21, 2020 10:11:47 -0500, Randy Barlow wrote: > On 2/21/20 9:57 AM, Martin Sehnoutka wrote: > > Every time there is a new release it would automatically synchronize our > > own Fedora-specific registry, which would in turn be accessible in > > buildroot. > > One thing that comes to my mind with this proposal is that we still need > some way to vet licenses. Today, this is done via the package review > process, and in my mind is the primary purpose of package review. If we > started having upstream compatible registries, I suppose we could introduce > a review process for adding packages to the registries to solve this > concern. Vetting of licenses is only one aspect of the review but not its sole purpose. Apart from all the other checks to ensure that the software follows current best practices in software development, we also verify the correctness of the software during the review. -- Thanks, Regards, Ankur Sinha "FranciscoD" (He / Him / His) | https://fedoraproject.org/wiki/User:Ankursinha Time zone: Europe/London
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
