[aur-general] TU membership application

Matthew Sexton wsdmatty at gmail.com
Sun Sep 1 15:13:06 UTC 2019

On Sunday, September 1, 2019 9:39:37 AM EDT Xyne wrote:

> The lackadaisical approach to sponsorship is one of the main reasons that
> we've moved to a system with two sponsors. Maybe I missed the joke, but
> having nothing against someone and wanting to see a particular package in
> community is not a good enough reason to sponsor someone. A TU application
> may not be a matter of life and death but the process should be taken
> somewhat seriously nevertheless given how many people could be potentially
> impacted if a malicious candidate is accepted. 

>  We need to agree to set the bar a little higher.

That kinda speaks to the 'trust' in 'Trusted User'. It's not just "Oh hey, I 
want to contribute, give me the keys to the kingdom". You need to be vetted 
and checked out. Not just because of the potential for bad actors, but I think 
you also need to show you're actually capable of doing the job being asked of 
you. Sponsoring a TU applicant that you're friendly with, but has no real 
experience in packaging or any sort of development background, does a 
disservice to the community. It's not just, "Does the sponsor Trust this 
person" But "Can the community Trust this person?" I'm not saying that this is 
the case for this application, but that's the reason, I feel, why the process 
is involved as it is. Heck, it could be more intensive and I'd still say 
"Yeah, that's appropriate."

Like Xyne said, not commenting on the TU application at all. Just responding 
with my thoughts to his comments.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.archlinux.org/pipermail/aur-general/attachments/20190901/6420580b/attachment.sig>

More information about the aur-general mailing list