On 15 Jun 2016 17:12, "Rahul Sundaram" <methe...@gmail.com> wrote:
>
>
>
> On Wed, Jun 15, 2016 at 11:45 AM James Hogarth wrote:
>>
>> Considering how this actively negates the security of our distribution
and how this is being promoted in the media, with them pointing to the
snapcraft site and the instructions there with COPR looking like it's on
approved Fedora infrastructure (for those who don't understand anyone can
COPR and there is no review) I honestly wonder if this is a good case for
pulling a COPR repo...
>>
>> Would FESCO have authority here or is that going to be inadvisable a
road?
>
> Extremely inadvisable.   Copr exists in part for experimental packages.
When you enable a copr repo, you are warned that this is not part of the
official infrastructure and you are relying on the packager alone for any
support.   Pulling a COPR repo for anything other than violation of
published guidelines such as legal issues will look political even if you
have legitimate technical concerns about the quality of the software.   Do
you want Canonical to pull the Flatpak PPA because the quality of Flatpak
on Ubuntu isn't perfect?
>
>

If it was being widely advertised via the sponsoring entities PR department
the new secure thing whilst disabling the security in the system and trying
to look officialish then honestly yes I would.
--
devel mailing list
devel@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org

Reply via email to