On Mon, Sep 21, 2015 at 1:01 PM, Owen Taylor <otay...@redhat.com> wrote:
> Do we trust this code or not? If not, we should either a) sandbox it or b) > delete it. > > Moving less-trusted loaders into a separate repo is a blame-the-user or > blame-the-os-vendor move, depending on who installs them onto the system. > The only way to prevent the blame game you mention in a typical distribution where everything is installed through packages would be to stop supporting out of tree modules entirely, if I interpret your concern correctly. My point is that as long as that's the case, at least maintaining them in a central location gives people an aggregation point for fixes. Cosimo
_______________________________________________ gtk-devel-list mailing list gtk-devel-list@gnome.org https://mail.gnome.org/mailman/listinfo/gtk-devel-list