> > I do agree that some tighter security controls would be nice on LuaRocks > > and its community, but the reality is that it is still a one-man- > operation. > > That's totally true, we can't expect Hisham to scale up indefinitely ;) > How to distribute the load? > (On the integration side, Andrew Starks has made a CI server available to > LuaDist and LuaRocks)
First question to answer is the security one raised by Jack. Casu is that a broken spec remains broken until someone takes over. So how can we make the 'taking over' part as solid as possible? A simple set of rules like; - create an issue on the issue tracker of the project (or other means listed by the original owner) - if no response in a month, then in 3 months 3 notices on the LR list for the creator/maintainer to respond to a request for a takeover. Each notice containing links to the previous efforts (to make sure it is public). Last one also on Lua list??? - if no response, fork project, and asap create a new rockspec pointing to the new locations It would be a public process, and would be shared on the list (not depending on Hisham). Could something like this work? Thijs ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ Luarocks-developers mailing list Luarocks-developers@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/luarocks-developers
