Hi Neal, > On 18. Dec 2024, at 10:21, Neal Gompa <ngomp...@gmail.com> wrote: > > One thing I hope we never do is allow something to be principally > owned by groups as a rule.
See https://src.fedoraproject.org/rpms/stunnel, or https://src.fedoraproject.org/rpms/gnutls, owned by @crypto-team. > As a general practice, "groups" are bad at > being responsible for packages when the chips are down. It is > difficult to figure out if a package is being administered. Having a > singular point of contact in that scenario is beneficial, and I would > prefer we maintain that going forward in any new system. Do you have the impression that stunnel or gnutls are not well maintained in Fedora? While I sympathize with your concerns, this really comes down to the particular group that maintains these packages. The Fedora crypto team (which is equivalent to the RHEL crypto team, essentially) does take good and active care of its components, even though they are maintained by a group. In fact, those packages being maintained by a group is actually an advantage for Fedora, because we will collectively monitor and, if necessary, act on tickets even when the primary maintainer is currently out of office. As a consequence, I am very much opposed to a rule that would require packages to be maintained by single individuals. Are there such cases as you describe? Absolutely! Should they be a reason to completely ban groups? No. -- Clemens Lang RHEL Crypto Team Red Hat -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
