On Monday 31 March 2008 02:29:10 Brian Harring wrote:
> Going to reiterate this one more time; the proposal is simple enough;
> if it's an implicit 0 via cpv parsing, it should *not* be explicitly
> specified on disk. 'diffball-1.0_alpha0.ebuild' can just as easily be
> specified as 'diffball-1.0_
On Thursday 03 April 2008 14:55:43 Patrick Lauer wrote:
> >> But if you don't trust anyone there is no reason why you would even
> >> try to interact with Gentoo. So at some point you will have to decide
> >> to arbitrarily trust a few entities, be it devs or servers or
> >> cryptographic keys ...
On Sat, Mar 29, 2008 at 11:37:13PM -0700, Robin H. Johnson wrote:
> The new -r5 of Grub provides a LOT of functionality and workings over
> the previous -r3 and -r4, however I would like more testers than I
> previously had.
The new grub is now out of package.mask, thanks to those that tested.
--
On Sun, Mar 30, 2008 at 12:33:54PM +, Duncan wrote:
> "Robin H. Johnson" <[EMAIL PROTECTED]> posted
> [EMAIL PROTECTED], excerpted below, on
> Sat, 29 Mar 2008 23:37:13 -0700:
> > The new -r5 of Grub provides a LOT of functionality and workings over
> > the previous -r3 and -r4, however I woul
On Thu, 2008-04-03 at 09:21 -0400, Richard Freeman wrote:
> Regardless, as long as devs actually follow policy I don't see any need
> to boot them. Maybe very long periods of inactivity should result in
> having accounts locked as a security measure (so that we don't end up
> with hundreds of s
On Thu, 2008-04-03 at 13:49 +0200, Arfrever Frehtes Taifersar Arahesis
wrote:
> > > If we used git, proxy maintaining would be easier.
> > >
> >
> > True, but with some acls we could also have a different model where people
> > worked on parts of the tree and where commit privileges didn't pose so
On 09:53 Thu 03 Apr , Thomas Anderson wrote:
> On 11:35 Thu 03 Apr , Jorge Manuel B. S. Vicetto wrote:
> > Petteri R??ty wrote:
> >>> Recalling previous discussions about work on gentoo and some of the
> >>> existing roles, what will you do to AT folks, release members or QA
> >>> members
> Petteri Räty wrote:
>
> I checked the current slacker script and it checks for having at least one
> commit in last 60 days. We could of course just change the slacker script
> to list the activity for everyone during the last 60 days and leave the
> interpretation to undertakers.
Interesting i
Chrissy Fullam kirjoitti:
Petteri Räty wrote:
Mike Frysinger kirjoitti:
This is your monthly friendly reminder ! Same bat time (typically the
2nd Thursday at 2000 UTC / 1600 EST), same bat channel
(#gentoo-council @ irc.freenode.net) !
If you have something you'd wish for us to chat about, may
> Petteri Räty wrote:
> > Mike Frysinger kirjoitti:
> > This is your monthly friendly reminder ! Same bat time (typically the
> > 2nd Thursday at 2000 UTC / 1600 EST), same bat channel
> > (#gentoo-council @ irc.freenode.net) !
> >
> > If you have something you'd wish for us to chat about, maybe e
Hi,
Mike Auty <[EMAIL PROTECTED]>:
> So the still unanswered question appears to be, would we like Gentoo
> to have fewer packages and less choice but greater QA, stability and
> a feel of professionalism, or would we like to have more packages and
> choice but a worse QA record, make some mistake
Hi,
"Wulf C. Krueger" <[EMAIL PROTECTED]>:
> > If we used git, proxy maintaining would be easier.
>
> Many things would be easier then. I'm all for switching to git.
Robbat2 is really monitoring our options...I think he would be first
to announce a git test tree. Upstream of git has to sort so
If we used git, proxy maintaining would be easier.
Many things would be easier then. I'm all for switching to git.
--
Best regards, Wulf
pgpextitGtwiV.pgp
Description: PGP Digital Signature
On 11:35 Thu 03 Apr , Jorge Manuel B. S. Vicetto wrote:
> Petteri R??ty wrote:
>> Jorge Manuel B. S. Vicetto kirjoitti:
>>> Petteri R??ty wrote:
>>>
>>>
>>> As others have commented, I don't agree with this point. Also, you're
>>> forgetting we have quite a few people working on this project a
Mike Frysinger wrote:
> This is your monthly friendly reminder ! Same bat time (typically
> the 2nd Thursday at 2000 UTC / 1600 EST), same bat channel
> (#gentoo-council @ irc.freenode.net) !
>
> If you have something you'd wish for us to chat about, maybe even
> vote on, let us know ! Simply r
Mike Auty wrote:
So the still unanswered question appears to be, would we like Gentoo to
have fewer packages and less choice but greater QA, stability and a feel
of professionalism, or would we like to have more packages and choice
but a worse QA record, make some mistakes, and have a more
commun
On Thu, 03 Apr 2008 14:55:43 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
> > Uh huh, which is what my original reply to Mike was all about.
> >
> > We're way ahead of you here...
> >
> Or so you think.
>
> So now that you've tried to label me as a dimwit we're past that
> stage and can now r
Ciaran McCreesh wrote:
On Thu, 03 Apr 2008 14:44:45 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
and then, from that design space, select the option(s) that have the
best behaviour. If you get bored you can read the not-yet-GLEPs
robbat2 has written with the help of a few others, which wou
On Thu, 03 Apr 2008 14:44:45 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
> and then, from that design space, select the option(s) that have the
> best behaviour. If you get bored you can read the not-yet-GLEPs
> robbat2 has written with the help of a few others, which would cut
> out a large pa
Ciaran McCreesh wrote:
On Thu, 03 Apr 2008 14:29:10 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
Nope. In fact, using such a system, there are ways of getting in
code that doesn't get triggered until someone's key gets
invalidated.
By this reasoning you shouldn't use passwords ...
On Thu, 03 Apr 2008 14:29:10 +0200
Patrick Lauer <[EMAIL PROTECTED]> wrote:
> > Nope. In fact, using such a system, there are ways of getting in
> > code that doesn't get triggered until someone's key gets
> > invalidated.
> By this reasoning you shouldn't use passwords ...
>
> The idea is to lim
Mike Auty wrote:
Ciaran McCreesh wrote:
|
| Signing offers no protection against a malicious developer.
|
I had envisaged a system whereby when the tree was synced, as was some
kind of master signed list of all acceptable dev-keys. Every package
would also be signed, and would only be installed
Ciaran McCreesh wrote:
On Thu, 03 Apr 2008 13:17:51 +0100
Mike Auty <[EMAIL PROTECTED]> wrote:
Ciaran McCreesh wrote:
| Signing offers no protection against a malicious developer.
I had envisaged a system whereby when the tree was synced, as was some
kind of master signed list of all accepta
On Thu, 03 Apr 2008 13:17:51 +0100
Mike Auty <[EMAIL PROTECTED]> wrote:
> Ciaran McCreesh wrote:
> | Signing offers no protection against a malicious developer.
>
> I had envisaged a system whereby when the tree was synced, as was some
> kind of master signed list of all acceptable dev-keys. Ever
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
William L. Thomson Jr. wrote:
| It's about quality not quantity maybe?
It's about both, and getting the balance right is effectively what this
boils down to (as do many discussions on -dev). There's those devs who
want high levels of QA and those de
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ciaran McCreesh wrote:
|
| Signing offers no protection against a malicious developer.
|
I had envisaged a system whereby when the tree was synced, as was some
kind of master signed list of all acceptable dev-keys. Every package
would also be signed
On Thu, 03 Apr 2008 12:56:59 +0100
Mike Auty <[EMAIL PROTECTED]> wrote:
> Petteri Räty wrote:
> | Yeah, you only need access to one ebuild to do whatever you want to
> | user's systems.
>
> Perhaps then we should direct more of our efforts towards the GPG
> package signing system, so that when a d
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Petteri Räty wrote:
| Yeah, you only need access to one ebuild to do whatever you want to
| user's systems.
Perhaps then we should direct more of our efforts towards the GPG
package signing system, so that when a dev becomes a libability, their
keys
Ciaran McCreesh kirjoitti:
On Thu, 03 Apr 2008 11:35:20 +
"Jorge Manuel B. S. Vicetto" <[EMAIL PROTECTED]> wrote:
True, but with some acls we could also have a different model where
people worked on parts of the tree and where commit privileges didn't
pose so many security risks. With the c
2008-04-03 13:35 Jorge Manuel B. S. Vicetto <[EMAIL PROTECTED]> napisał(a):
> Petteri Räty wrote:
> > Jorge Manuel B. S. Vicetto kirjoitti:
> > > As a final thought, I think this point is a tangent to the old debate
> about tree-wide commit privileges and or the scm of the tree. Afterall, if
> gent
On Thu, 03 Apr 2008 11:35:20 +
"Jorge Manuel B. S. Vicetto" <[EMAIL PROTECTED]> wrote:
> True, but with some acls we could also have a different model where
> people worked on parts of the tree and where commit privileges didn't
> pose so many security risks. With the current practice of doin
Petteri Räty wrote:
Jorge Manuel B. S. Vicetto kirjoitti:
Petteri Räty wrote:
As others have commented, I don't agree with this point. Also, you're
forgetting we have quite a few people working on this project and that
we have many different roles.
>
And you are assuming that undertakers
Fabian Groffen kirjoitti:
On 02-04-2008 21:21:25 -0400, Richard Freeman wrote:
Would it make more sense to just make a policy that failure to maintain
packages that you're maintainer on will result in getting removed as the
maintainer, with said packages going up for grabs? Devs who keep claim
Jorge Manuel B. S. Vicetto kirjoitti:
Petteri Räty wrote:
I agree with the above point.
Also, as I recall, both Pettery (betelgeuse) and Denis (calchan) have
stated before that we no longer have any queue of people waiting on
recruiters to join Gentoo. I'm not seeing an avalanche of new blood
On 01 Apr 2008 05:30:01
Mike Frysinger <[EMAIL PROTECTED]> wrote:
> If you have something you'd wish for us to chat about, maybe even
> vote on, let us know ! Simply reply to this e-mail for the whole
> Gentoo dev list to see.
I'd like initial comments from the Council on PMS please. We're
reachi
35 matches
Mail list logo
