On Mon, Oct 04, 2021 at 02:42:58PM -0400, Matthew Miller wrote: > On Mon, Oct 04, 2021 at 05:52:33PM +0000, Zbigniew Jędrzejewski-Szmek wrote: > > > I like the idea! > > > We can block such a package from ever appearing in a compose in pungi. > > Is this really necessary? The package will not be open to anyone, > > but only for approved contributors. Malicious behaviour is not more > > likely then in any other package (and would be immediately caught). > > I think we're thinking up technical solutions to something that is > > not a problem. > > Yeah, I think making it a real package is a good idea. Maybe even a little > packaged script that runs > > xdg-open https://docs.fedoraproject.org/en-US/fedora-join/ > > ? > > The package itself can even be a gateway to onboarding for the curious, but > more importantly, it'd act more like a real package.
True. As long as there's a group of experenced folks watching it, that should be ok. kevin
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
