Decent quality packages in Community please. - Just one member of the Arch user base
On Sun, Apr 5, 2009 at 2:37 PM, xyne <x...@archlinux.ca> wrote: > "Ali H. Caliskan" <ali.h.calis...@gmail.com> wrote: > >> We'll as long as there is no human factor in stake, I believe making a >> package, especially a community package isn't that much a security risk. We >> are not talkling about "core" or "extra" packages, just the community repo, >> which is of course provided by the community users. I'm sure that the the >> Arch Linux user would understand that. >>... > > I don't agree with that reasoning. Even though there are warnings and the > user has to enable the community repo him-/herself, there is still a > reasonable expectation of package quality which leads to a base level of > trust for community packages. The same cannot be said for the AUR which, by > your reasoning, should elicit the same level of confidence as the community > repo or perhaps even more because the user builds the packages him-/herself. > Even if the community repo is run by "community users", the selection of > those users strives to ensure certain minimal standards that warrant the > trust of those who use the repo, even if it may not be as rigorous as the > selection of those charged with the maintenance of the core and extra repos. > > For the record, I have no opinion of Jens' packaging abilities nor did I vote > on his application (as I wasn't yet a TU). I am only responding to this > particular point of your post and my response is only a statement of my own > (possibly naïve) opinion. > > Regards, > Xyne >
