26 Jun
2009
26 Jun
'09
5:05 a.m.
Principally you are right, but pressing a button "report malicious package" could or should send an e-mail to this mailing list or to every TU automatically. This would be the easiest way for the users.
That could lead to spam. A better system would be similar to the out-of-date system that we currently have, with some changes. You press the "report malicious package" button, submit a reason, and then a messages gets automatically posted to the list. At the same time, it also displays on the AUR page and flagged packages can be filtered in the search the same way out-of-date packages can. The reporter would also be mentioned in the list (to prevent people from anonymously flagging packages without reason).