| 1 |
On Fri, 2006-06-09 at 20:32 +0100, Ciaran McCreesh wrote: |
| 2 |
> On Fri, 09 Jun 2006 20:06:04 +0100 Christel Dahlskjaer |
| 3 |
> <christel@g.o> wrote: |
| 4 |
> | I'd say that it's entirely possibly for some non-dev to sneak |
| 5 |
> | malicious code into the tree as is now, just as it will be possible |
| 6 |
> | to do in an overlay. |
| 7 |
> | |
| 8 |
> | It's not like it's particulary difficult to have someone proxy for |
| 9 |
> | you, and let's face it, if someone is willing to do so then they |
| 10 |
> | probably can't be arsed checking that what they are committing is |
| 11 |
> | clean and nice.. I mean, I trust you, right? |
| 12 |
> |
| 13 |
> Huge difference between committing a few things for a person you know, |
| 14 |
> where you have time to review code, and bulk committing random stuff |
| 15 |
> where you don't have time to check anything. That's the deal here -- if |
| 16 |
> a large number of developers can't handle maintainer-wanted, what makes |
| 17 |
> people think a far smaller number can without screwing up? |
| 18 |
|
| 19 |
I was actually agreeing with you. |
| 20 |
|
| 21 |
I also believe to be mistaken as I believed that all overlays on o.g.o |
| 22 |
would be in the style of say the existing PHP and Haskell overlays, and |
| 23 |
as such those with access would be trusted contributors, and I also |
| 24 |
believed that the individual projects would be making sure that they |
| 25 |
were testing and reviewing whatever patches were made to their stuff. |
Archives