Re: Inactive packagers to be removed after the F37 release

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Dne 16. 09. 22 v 19:03 Kevin Fenzi napsal(a):

On Fri, Sep 16, 2022 at 10:03:35AM +0200, Vít Ondruch wrote:

Isn't peer review much better and easier solution over all? We could also
require signed commits I guess.

I think it would slow things down quite a lot to require peer review of
every commit.
This proposal was based mainly upon the conversation, where nothing what was proposed was secure enough. Every proposal was shot down having some possible holes. While peer review might be slow and it is certainly not bullet proof, I don't think we can do any better.
And BTW, when I talk about peer review, I think that also ex-post peer review is valuable. E.g. if I contribute to some package, I'll look at every commit notification and check the changes. If I see something concerning, I'll try to address it. Better late then never. 


Vít




I'd personally like to avoid anything where we need to support gpg.
It's a mess and I think it would waste a lot of cycles explaining how to
use it or help people get setup. ;( If there's some easier/more clear
way to sign things that could be a option tho.

kevin

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux