On Fri, 2006-06-09 at 20:32 +0100, Ciaran McCreesh wrote: > On Fri, 09 Jun 2006 20:06:04 +0100 Christel Dahlskjaer > <[EMAIL PROTECTED]> wrote: > | I'd say that it's entirely possibly for some non-dev to sneak > | malicious code into the tree as is now, just as it will be possible > | to do in an overlay. > | > | It's not like it's particulary difficult to have someone proxy for > | you, and let's face it, if someone is willing to do so then they > | probably can't be arsed checking that what they are committing is > | clean and nice.. I mean, I trust you, right? > > Huge difference between committing a few things for a person you know, > where you have time to review code, and bulk committing random stuff > where you don't have time to check anything. That's the deal here -- if > a large number of developers can't handle maintainer-wanted, what makes > people think a far smaller number can without screwing up?
I was actually agreeing with you. I also believe to be mistaken as I believed that all overlays on o.g.o would be in the style of say the existing PHP and Haskell overlays, and as such those with access would be trusted contributors, and I also believed that the individual projects would be making sure that they were testing and reviewing whatever patches were made to their stuff.
signature.asc
Description: This is a digitally signed message part
