On Fri, Nov 20, 2020 at 12:03:27AM +0100, Emmanuel Seyman wrote: > I suspect that these packages are maintained only to the point where they > can build (and thus be used as buildreqs) but their maintainer also doesn't > want them to be updated without making sure that the update will not break > the package they are really interested in. That's probably also true. So communicating that reverse-dependency might be another important aspect. CI gating should in theory help here. > What exactly do you want to do with this list of lightly-maintained packages? > > Is this something you want to present to end-users? Yes. > Is this a list we should show to people tempted to become packagers? Possibly? Maybe more appropriate for packagers interested in increasing overall packaging quality. > Do we want to generate auto-replies to bugs filed in Bugzilla? Yes, I think so. Explaining the situation and asking for help. We may also want to have a process for making sure that bugs which actually might percolate up to the actual package of interest don't get discarded. > Should SIGs keep a lookout for security fixes to apply? That would be awesome in general, I think. -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
