[aur-general] Should TUs tolarate inapropiate behavior in the AUR?
Ralf Mardorf
ralf.mardorf at alice-dsl.net
Fri Feb 12 22:46:25 UTC 2016
On Fri, 12 Feb 2016 23:11:13 +0100, William Di Luigi wrote:
>On Fri, Feb 12, 2016 at 10:37 PM, P. A. López-Valencia
><vorbote at outlook.com> wrote:
>> I do the same as well. Don't try to make the argument that "as the
>> arsehole has more packages, he deserves to be in charge".
>
>Nice strawman you got there.
>
>For the record (if you actually misread me and aren't really trying to
>mislead), I never said that nor I believe that.
Fortunately this user seems to maintain 500+ packages less, assumed the
600+ wasn't a typo:
https://lists.archlinux.org/pipermail/aur-general/2016-February/032004.html
https://lists.archlinux.org/pipermail/aur-general/2016-February/032006.html
Assumed a maintainer should maintain more than 500 packages, a
moderator/admin should automatically get informed, who then randomly
checks a few packages, e.g. if the source code comes from an upstream
server or from a suspect mirror. This should be done not to ensure that
the PKGBUILDs are 100% secure, but just to ensure that it really is a
single maintainer and not a suspect organisation providing packages.
More information about the aur-general
mailing list