b. f. wrote: >> On Fri, Dec 18, 2009 at 02:50:31PM +0100, Dominic Fandrey wrote: >>> So when I submitted ioquake3-1.36 I condemned some poor committer >>> to read 366609 lines of code? >> We expect them to test-install the initial code to make sure it's >> not malware. >> >> We expect them to scan the diffs to make sure the system isn't rooted. > >> What's your alternate suggestion? Just let everyone commit whatever >> they want and hope for the best? > > Aren't the two of you talking at cross-purposes here? It seems to me > that the OP is looking for a way to update a port to a distfile > created from a snapshot of project sources -- not in the sense of > sources that are recreated each and every build by fetching a snapshot > from a remote VCS, but an actual tarball that has been audited, > checksummed, and uploaded to a project server. Surely this is needed > for a few ports, including some now in the tree?
I have the same impression. I'm wondering how this could be the case. In the OP I wrote: > I'm providing distfiles, ... I don't see the wiggle room for anything spontaneously changing when properly checksummed distfiles are involved. -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? _______________________________________________ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"