[arch-dev-public] Junior developers and [staging]
pierre at archlinux.de
Sun Sep 5 06:36:08 EDT 2010
On Sun, 05 Sep 2010 10:53:59 +0200, Thomas Bächler
<thomas at archlinux.org> wrote:
> The presence of the file in the pool is not good enough. An evil
> developer could delete the file from the pool, then commit his own
If you are evil you could still mess up with the repo by bypassing
dbscripts. There is no point in assuming that there are evil developers.
> dbscripts should probably check whether a package with the same
> pkgname-pkgver-pkgrel triple is already in any other repository and then
> allow/deny adding it.
That is a plan.
Pierre Schmitz, https://users.archlinux.de/~pierre
More information about the arch-dev-public