On Sun, 2014-04-20 at 18:56 +0200, Kevin Kofler wrote: > Jaroslav Reznik wrote, on behalf of Matthias Clasen: > > The Software Collections repositories will be enabled by default. > > So we now allow shipping the configuration for third-party repositories, > even enabled by default? Is April 1st still not over yet? > > If you want those packages in Fedora, they need to get into the Fedora > repository.
THREAD NECRO ALERT I wouldn't put it as strongly as Kevin, but I do have some concerns about the implications here. Notably, https://www.softwarecollections.org/en/docs/licensing/ states: "We do not review source or packages for suitability of purpose, quality, or licensing" Fedora provides rather stronger guarantees on that front in our 'official' repositories. It seems like SCL has more or less the same policies and intents as Fedora, but is explicitly less proactive about 'policing' them. It therefore seems like this feature increases the risk to Fedora as a whole of 'blessing' badly broken or incorrectly licensed software. It would be nice to emphasize the distinction between software from the Fedora repositories and software from the SCL project, at least. yum and dnf do this to at least a limited extent already (you can see what repo a package is coming from, when you install it), but have we considered whether that's sufficient, and if it would be worthwhile to try and improve on it? -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
