Hey,I think this should be a separate repo from the AUR, which I think would be a good idea. What makes the AUR so comprehensive (and so vulnerable) is that anyone can push a new package. As you mention, newbies have questionable chances of getting vouched by strangers when they've done absolutely nothing yet (especially if worry arises that vouching bad people can get you banned), and I'd anecdotally say half of AUR packages were created by people who wouldn't meet your vouching criteria.
> if multiple accounts that only lately gained trust immedeately vouch for many other new accounts
It'd be more like one account vouching for many new accounts. -- Cheers, Aᴀʀᴏɴ
OpenPGP_0xCBC3973CD9FC6A16.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
