1 |
Il giorno gio, 20/01/2011 alle 21.35 +0100, Matti Bickel ha scritto: |
2 |
> On 01/20/2011 08:42 PM, Diego Elio Pettenò wrote: |
3 |
> No. Licenses are not a valid argument to me. I'd accept that if we're |
4 |
> Debian and pushing 100% of *our* stuff as binary. What we do 90% of the |
5 |
> time is distributing text - ebuilds. |
6 |
|
7 |
So I'm not asking _you_ to waste 90% of your time discussing and |
8 |
auditing licenses. We have a team for that. |
9 |
|
10 |
At the same time I'm not going to ask the developers to all evaluate |
11 |
case by case whether they should or shouldn't keep their stuff |
12 |
available. I'm telling them to put it there rather than in another |
13 |
place; what that will change shouldn't really be a problem. |
14 |
|
15 |
> I just was curious about the reasons, as I see no |
16 |
> compelling point in *forcing* this. |
17 |
|
18 |
The reason to *force* this is two fold: we need a policy so that we stop |
19 |
the fact that everybody does as he pleases and this is replacing a |
20 |
_different_ forcing that we _used_ to have, and which I'm not surprised |
21 |
you didn't hear about, that told developers to use mirror://gentoo/. |
22 |
|
23 |
Which is unfortunately troublesome *as Ulrich and Christian already |
24 |
shown*. |
25 |
|
26 |
And since in Gentoo we cannot simply scratch rules, as otherwise people |
27 |
will keep referencing them forever and ever, a new rule replaces the old |
28 |
rule: you use dev.gentoo.org rather than mirror://gentoo/. |
29 |
|
30 |
> Take php-5.3.2: I don't care if you found a security issue in my tarball |
31 |
> or in php's tarball. I'll have a look to determine if the bug's still in |
32 |
> the newest version. If it is, I'll rename the bug. If it is not, it |
33 |
> doesn't matter to me. |
34 |
|
35 |
You might not care. I would, and it's not just a matter of being the |
36 |
current QA lead in charge, but rather a question of professionalism. If |
37 |
I would find you or another developer to have introduced a backdoor in a |
38 |
custom tarball, I'm going to have said developer booted, quickly. |
39 |
|
40 |
Again, you might not care, we have other teams that do care. Since I'm |
41 |
not asking you to do a 180° jump changing your habits, can we please |
42 |
just agree that you don't see the point but you'll follow the request |
43 |
anyway? |
44 |
|
45 |
-- |
46 |
Diego Elio Pettenò — Flameeyes |
47 |
http://blog.flameeyes.eu/ |