Re: FAKE: Fedora Extras shipped popular package with rootkit and more than ten thousands systems were infected (was Re: Summary from last weeks FESCo meeting)

On Thursday, 01.06.2006, at 08:51 -0400, Konstantin Ryabitsev wrote:
> On 6/1/06, Thorsten Leemhuis <fedora@xxxxxxxxxxxxx> wrote:
> > 1. create a package, prepare it for review
> > 2. get it reviewed and yourself sponsored
> > 3. import it and build
> > 4. checkout some popular packages, upload new tarballs with slightly
> > different names and a root-kit in it. Modify the "Source0" accordingly
> > 5. commit the changes, hit "CTRL-C" at the right point of time so the
> > commit-message is not sent to commits-list
> > 6. wait until the maintainer fixes something else in the package and
> > rebuilds it without noticing the changes done to CVS in between
> Most of us have locally checked out copies of our packages [...]

What makes you sure that "most of us" do it like that? I for example
don't have them because I work on my packages from multiple machines. So
I always do a fresh checkout (that way I always get an up2date common
directory, too).

And in any case: "- instead of "6.": build the modified packages
yourself -- chances are quite low that somebody will notice it" remains.

Cu
thl

-- 
fedora-extras-list mailing list
fedora-extras-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-extras-list
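
The thread above turns on whether a maintainer would notice a changed "Source0" and tarball before rebuilding. The following is an added example, not part of the original messages and not Fedora tooling: a check that compares a fresh checkout against the state the maintainer last reviewed. It assumes the checkout carries a `sources` file of `checksum  filename` lines next to the spec; the package name, URL and checksums are constructed.

```python
import re

# Constructed sample data: the spec and "sources" file as last reviewed by the
# maintainer, and the same two files from a fresh checkout before a rebuild.
REVIEWED_SPEC = """Name: foo
Version: 1.2
Source0: http://example.org/foo-1.2.tar.gz
Patch0: foo-build.patch
"""
REVIEWED_SOURCES = "0123456789abcdef0123456789abcdef  foo-1.2.tar.gz\n"
FRESH_SPEC = REVIEWED_SPEC.replace("foo-1.2.tar.gz", "foo-1.2a.tar.gz")
FRESH_SOURCES = "fedcba9876543210fedcba9876543210  foo-1.2a.tar.gz\n"

def source_tags(spec_text):
    """Return {tag: value} for SourceN/PatchN lines of a spec file."""
    tags = {}
    for line in spec_text.splitlines():
        m = re.match(r"\s*((?:Source|Patch)\d*)\s*:\s*(\S+)", line, re.I)
        if m:
            tags[m.group(1).lower()] = m.group(2)
    return tags

def source_sums(sources_text):
    """Return {filename: checksum} from 'checksum  filename' lines (assumed format)."""
    sums = {}
    for line in sources_text.splitlines():
        parts = line.split()
        if len(parts) == 2:
            sums[parts[1]] = parts[0].lower()
    return sums

def unreviewed_changes(old_spec, old_sources, new_spec, new_sources):
    """List every source tag or tarball checksum that differs from the reviewed state."""
    findings = []
    old_t, new_t = source_tags(old_spec), source_tags(new_spec)
    for tag in sorted(old_t.keys() | new_t.keys()):
        if old_t.get(tag) != new_t.get(tag):
            findings.append(f"{tag}: {old_t.get(tag)} -> {new_t.get(tag)}")
    old_s, new_s = source_sums(old_sources), source_sums(new_sources)
    for name in sorted(old_s.keys() | new_s.keys()):
        if old_s.get(name) != new_s.get(name):
            findings.append(f"tarball {name}: {old_s.get(name)} -> {new_s.get(name)}")
    return findings

if __name__ == "__main__":
    for finding in unreviewed_changes(REVIEWED_SPEC, REVIEWED_SOURCES, FRESH_SPEC, FRESH_SOURCES):
        print("CHANGED", finding)
```

A maintainer who always does a fresh checkout, as in the reply above, would need to keep the reviewed spec and `sources` contents somewhere outside the checkout for this comparison to work. It does not cover the case where the person who made the change also builds the package.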
