On Wed, 17 Nov 2010 14:58:16 -0500 Kaiting Chen <kaitocracy@gmail.com> wrote:
... From what I've heard I think they're capable of pushing these packages. If anyone has any concerns about Junior Dev's pushing binaries I'll be happy to audit all of their PKGBUILD's so long as they send me an email about it 12 hours in advance. --Kaiting. ...
What ? 12 hours? audit their PKGBUILDS beurocracy? no thanks. They are dev juniors, they now how to use their tools, and we are a team, if they need any support or help, they surely will contact us to help them.
So I'd say +1 to give access to the jr devs who want to be more compromised
Like I said I don't have any concerns about them maintaining packages in [extra] or [community]. Other people seem to have concerns though which is why I offered to look over their PKGBUILD's.
Kaiting.
That's why I proposed to wait 24h and to need feedback from some TUs before moving something, so every TU has the chance to take a look at the package and may give a hint or two. The 24h are simply the time around the world anything less than that is imho a bad idea, as this 12h might be the full night and working time of some of us, with 24h everyone has the chance to take a quick look at his mails and if one has time, one can at least skim through the PKGBUILD. Not directly to this mail, but I don't want to spam inboxes: To the trust level I see it as following: \- Developer \- Junior Developer \- Trusted User \- Common User * * There is no good and no bad, just AUR and everyone has his own opinions about other persons. Also there are Developers who still are Trusted Users letting Junior Developers managing some packages here is a good thing as they get to know us better and become even more familiar with the whole stuff by using not so widespread packages(=less impact for user base). That's it for me, I guess everyone has given his opinion, else we should open a vote. Kaiting: Worrying about every more or less paranoid user is not the right thing, we do this mostly for the general user base and if someone does not trust us or any developer, that person can simply deactivate the repository and get PKGBUILDs via abs to check and to build by himself. Regards Thorsten -- Jabber: atsutane@freethoughts.de Blog: http://atsutane.freethoughts.de/ Key: 295AFBF4 FP: 39F8 80E5 0E49 A4D1 1341 E8F9 39E4 F17F 295A FBF4