On 9 March 2016 at 17:20, Laszlo Ersek <ler...@redhat.com> wrote: > the question in the subject is not loaded, it is not trying to suggest > the opposite. It's a genuine question.
So, with an initial disclaimer that we have to some extent cargo-culted our process here from the kernel, my view is: * we only take pull requests from known submaintainers (ie I will not take a pull request from an arbitrary person) * I don't do anything with pull requests beyond an automated build test and eyeball of the git log for any obvious howlers * a pull request is therefore equivalent to being able to directly commit to master, and so it's worth using the signed-tag machinery to ensure that we only give those rights to the people (submaintainers) we think we've given them to Conversely, a random set of patches sent to the list is supposed to be reviewed and tested by the submaintainer who applies them to their tree -- that is the gateway at which review happens. thanks -- PMM
