On 15 Jun 2016 17:12, "Rahul Sundaram" <methe...@gmail.com> wrote: > > > > On Wed, Jun 15, 2016 at 11:45 AM James Hogarth wrote: >> >> Considering how this actively negates the security of our distribution and how this is being promoted in the media, with them pointing to the snapcraft site and the instructions there with COPR looking like it's on approved Fedora infrastructure (for those who don't understand anyone can COPR and there is no review) I honestly wonder if this is a good case for pulling a COPR repo... >> >> Would FESCO have authority here or is that going to be inadvisable a road? > > Extremely inadvisable. Copr exists in part for experimental packages. When you enable a copr repo, you are warned that this is not part of the official infrastructure and you are relying on the packager alone for any support. Pulling a COPR repo for anything other than violation of published guidelines such as legal issues will look political even if you have legitimate technical concerns about the quality of the software. Do you want Canonical to pull the Flatpak PPA because the quality of Flatpak on Ubuntu isn't perfect? > >
If it was being widely advertised via the sponsoring entities PR department the new secure thing whilst disabling the security in the system and trying to look officialish then honestly yes I would.
-- devel mailing list devel@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
