-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Lennart Regebro wrote: > On Wed, Feb 6, 2013 at 9:28 PM, Zygmunt Krynicki > <zygmunt.kryni...@canonical.com> wrote: >> I did not realize that a basic install of plone is composed of >> 100+ packages. If all of those packages are maintained by a >> coherent group (pardon my ignorance of plone here) then perhaps >> that use case could be managed by allowing the user to accept trust >> to a larger pool of packages. > > Most of them are done by a couple of groups, which share some > people. But there is at least 20-30 packages in there that aren't > maintained by these groups. > > Plone is trying to be user friendly. If the Python community in > general would decide to go down this path, then Plone would be > forced to simply not use standard Python packaging at all. > > Fortunately, I don't think the risk is very high. As mentioned, this > is just not a practical or feasible way to solve the problem. +1 - -aj -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQGUBAEBAgAGBQJREz/TAAoJEADcfz7u4AZjVQoLwIqMvnAvFC6Odfdp+Ed8FSWk gSBB9iFJaZO9ubDhjLNFgMefgrPTBinyTEUX/h9XjjJYpjHY+7IJrAg74KoHYaM7 usHb+p0KeqzDEAfP2hxAaGP5m8odn99/7oGujJ4nC+w14LFLmrO43KoOVk4tdCFz geGP12hzRr16IGa0miFTQNi4nD0SLAgQzYqVx63f1qVwlv58bCAKrejb+YCVfKpy R84fipHfRlxkbCYxFph9dP7k8fFW5VuN/eNSk8uLz5SBsP9HYfF2J3r/10S1ED1I 3oS9Ufq4Acl/gWuCrw2pu5JAC0fHkFKy39REkw6vbUj8Os/7wvsTQPlINVbgN8g2 X+RJrd8QAL1fkhDMv3Vnx1E0jUO/odm7cBWp3H6I/pYuoVTi6GOUvy+Zvj1IC5dt gTvLxzJ2U53e+wpSepH8FTsSwGfGs/E9tUcRsqSQV7xNI+PdLuwfw7dB4vqQibnq pLUCnPfk7R5VwEsw8K/vi2OulSxJ18A= =ojxZ -----END PGP SIGNATURE-----
<<attachment: lists.vcf>>
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
