On Fri, Jul 7 2023 at 12:25:12 PM -0500, Bruno Wolff III
<bruno@xxxxxxxx> wrote:
Is there going to be a recommended way to not accidentally install
this stuff? I'm guessing the least work (for Fedora) would be to
black list the key packages in the repo files. Making available a
package that conflicts with them could be done, but it could
accidentally get removed during and --allowerasing change. But this
might be easier when doing installs.
Well I wouldn't necessarily expect it to be easy to install by mistake,
but I do want to make sure it's not harmful if that happens somehow. So
even if the packages are installed, they're still not going to upload
metrics to Fedora without further user consent.
The local collection is a bit of a hole, but I like your suggestion to
put a short time limit on that. Perhaps we can collect for something
like one hour locally, then delete if the user has not consented to
upload before then. Something like that.
Michael
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
