Jonas Smedegaard dijo [Sun, Aug 21, 2005 at 07:28:55PM +0200]:
> > We also came to the conclusion that some of the requirements proposed in
> > Vancouver would make sense as initial requirements -- requirements that
> > a port would need to fulfill in order to be allowed on the mirror
> > network -- but not necessarily as an 'overall' requirement -- a
> > requirement that a port will always need to fulfill if it wants to be
> > part of a stable release, even if it's already on the mirror network.
> > Those would look like this:
> [snip]
> > Overall:
> [snip]
> > - binaries must have been built and signed by official Debian
> >   Developers
> 
> Currently, sponsored packages are only signed, not built, by official
> Debian Developers.
> 
> Is that intended to change, or is it a typo in the proposal?

Umh... It is possible, yes, to sign and upload a package you didn't
build yourself - I would only do it in case I know my sponsoree knows
_very_ well (i.e. at least as well as me) how to do stuff. I think
there is (but I cannot say for sure) the common practice to build
before uploading - You cannot be sure, of course. This, also, cannot
become policy, as it cannot be checked... But I feel this is common
practice already.

-- 
Gunnar Wolf - [EMAIL PROTECTED] - (+52-55)1451-2244 / 5623-0154
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973  F800 D80E F35A 8BB5 27AF


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to