[aur-general] Reply to your request SGE

Manhong Dai daimh at umich.edu
Tue Oct 13 02:38:02 UTC 2020 

I actually did read your email. You said I cannot get a simple thing such
as pkgver right.

Let me explain to you, from your point of view, you certainly want to have
some rule or guideline to make all the package  has the same standard. That
is understandable and it is what make Arch Linux popular. I would love to
be compliant with the rule whenever I have the resource, and I did with all
other my AUR packages.

>From my point of view, a pkgver is not the point here. I do need to make my
modified SGE package can be compiled with the latest SSL, GCC, other Linux
contribution, and can be used to upgrade an old node without losing
configuration. No matter how bad a pkgver is defined, an Arch Linux with a
working SGE is away better, right?

The problem is actually not on my side. Your request system has my email
address, I sent you a request after the package was adopted, some
bystanders figured  out I didn't get any reply and sent your reply to me,
That is when I knew that the request is also in the mail list, and such
email list exists......

Because you are attacking my capability, and I believe everybody who can
read will know your claim is actually baseless, I did ignore your personal
attack in my previous email.

Yes, I can say sorry about ignoring hat.


Best,
Manhong
Sent from phone

On Mon, Oct 12, 2020, 10:11 PM Doug Newgard <scimmia at archlinux.org> wrote:

> On Mon, 12 Oct 2020 20:30:11 -0400
> Manhong Dai via aur-general <aur-general at archlinux.org> wrote:
>
> > Thanks a lot for your reply! I commented on the package hoping the new
> > maintainer can return the maintainer  to me.
> >
> > But I am willing to answer your question.
> >
> > A pull request needs a lot of effort to check. The pull request changed a
> > lot of files and it is not that easy to see if the change is not
> malicious.
> > That being said, now do you understand that why I would trust a 'trusted
> > user' more? After all, 'trusted user' was named so for a reason, right?
> >
> > If changing package status to 'out of state ' doesn't send any
> > notification, it is SCARY. Not everybody can  check out the aur email
> list
> > everyday and we all work on there packages for free.  Why it is scary?
> What
> > if a malicious user submit a ticket like this and the become the
> maintainer
> > for a package that is not popular but could access sensitive data, like
> SGE?
> >
> > Think about it, the disowning already sends notification, why doesn't the
> > warning 'out of state' send the email?
> >
> > On another note, maybe the AUR package should be named like github does.
> > Adding the user name to the path will save such headache for both you and
> > me......
> >
> >
> > Best,
> > Manhong
> > Sent from phone
>
> You didn't read a single word I wrote. Don't bother replying if you can't
> read.
>

More information about the aur-general mailing list