On 7/5/16 10:52 PM, NP-Hardass wrote: > > I think it is a little bit of a stretch to say that he's the only one to > have an issue. Now, I've spoken with the parties involved, so my issue > is resolved, but I had a package of mine bumped in the name of security > without being pinged/consulted at all. I'm not attempting to point > blame at anyone, but merely show that there are others who have been > affected by security workflow sometimes going around the maintainer. I > don't think there should be any harm in acknowledging that, and striving > to make sure it doesn't happen in the future, where possible. >
I agree that a ping is the necessary first step, but I'm afraid of a dispute between the maintainer and the security team. Bug #459274, which I discussed in my previous email, should never have been file and should never have been acted on. If the security team feels they must touch a package, I'd like to have QA review it. The QA leadership is ratified by the council and has a long history of dealing with these sorts of issues which are tried and true. -- Anthony G. Basile, Ph. D. Chair of Information Technology D'Youville College Buffalo, NY 14201 (716) 829-8197
