On Tue, 5 Oct 2021 at 11:28, Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> wrote: > > On Mon, Oct 04, 2021 at 09:17:30PM +0200, Vitaly Zaitsev via devel wrote: > > >Is this really necessary? > > > > Yes. Because anyone can add something like this: > > %post > > rm -rf / > > > > And it will destroy the installed system or even the hardware. > > Yeah, but... that's not going get through the PR process? In fact, that > specific thing should fail in CI before a human gets to it even. > > Overall, we put a lot of trust in maintainers. I don't see this _particular_ > route as a likely one for violating that trust. > I think part of the problem is that I don't think the proposal has enough flesh on its bones for people not to see it causing all kinds of problems somewhere. Or vice versa seeing not enough to see it being worthwhile for a beginner. [For many a developer, PR's aren't that interesting to most developers and not what they think about when looking at packaging. Running fedpkg and making a spec file work on my system and through the complicated koji+bodhi+mbs+.. stack is real packaging.] So we need a real proposal with an end to end idea of what is being done, what is to be learned, and how it is to be 'watched' by real developers to make sure people are learning things. -- Stephen J Smoogen. I've seen things you people wouldn't believe. Flame wars in sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law. All those moments will be lost in time... like posts on a BBS... time to shutdown -h now. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
