On Fri, 4 Jun 2010, David Hrbáč wrote:
Dne 4.6.2010 10:59, Chris Butler napsal(a):
On Fri, Jun 04, 2010 at 10:03:39AM +0200, David Hrbáč wrote:
10. commit access is fine, but without build trigger etc., totally
useless...
I wouldn't say it's useless.. what's to stop you contributing a new/updated
package to the repo, then pinging someone with build access to review/build
the package? In fact, this is a good way to train up new contributors.
In my other (non-work) life as a Debian developer, we have something similar
to the above for Perl module packaging.
Well,
before point 10, there is point 9."single point of person", sorry Dag
:o) And yes it'sgoot for new contributors. How many new contributors we
have?
I'm fine with process commit-> review -> build, but at rpmforge we have
process: commit->wait for Dag 1-30 days->build. It's something I have
discussed and community with Dag and I guess Dag is unhappy about that.
Well, I am unhappy about that to a certain point. Since I am the only
person who can sign it with a key that everyone using RPMforge trusts, I
cannot allow other people to push RPM packages signed by the same key that
I haven't looked at.
If we ever would go to a situation with more than one person signing, I
don't think we can do that using the same key, or even using the same
repository. Because the people giving me that trust did not have any say
in whether they trusted 5 other people.
So for me that is already one item that is not solvable within RPMforge.
That's why it requires a new 'project', a new repository, something people
can underwrite again, that they can learn to trust. Whether it be rpmrepo,
RepoForge or both is yet to be seen.
--
-- dag wieers, [email protected], http://dag.wieers.com/ --
[Any errors in spelling, tact or fact are transmission errors]
_______________________________________________
users mailing list
[email protected]
http://lists.rpmforge.net/mailman/listinfo/users
