On Wed, Aug 02, 2017 at 11:15:23AM +0200, Pavel Sanda wrote: > Richard Heck wrote: > > It's obviously up to you, Scott, as release manager, but I agree with > > Enrico, > > to some extent, that this isn't the best policy. We have spent an enormous > > amount of time on this and finally have come to some kind of resolution. It > > really would be best to close that part of the debate and spend our time > > figuring out how to make the needauth and shell-escape stuff as secure as we > > can make it, given the present framework. Time spent re-litigating the > > questions about the framework is going to be wasted time. > > +1
I did not expect such strong opinions against a second vote. I expected the point about a second vote being unfair, but since I did not consider the first vote fair (due to my poor structuring of the options), I chose to do a second vote. But it seems I did not correctly estimate the cost of a second vote, not just in terms of time, but I think in other dimensions as well. I am going to take the advice of the senior developers and to cancel the second vote. In this decision to cancel the second vote, in addition to experience of the developers who gave their opinions (on the list as well as through private email), it also made a difference that Pavel, who did not vote for option 3, and who was part of the reason I decided to have a second vote (because his was one of the opinions not represented as an option), also supports canceling the second vote. Further, I do remember asking for one final cognitive spurt. And I really appreciate those who gave it. So the situation is as Richard described it: we can of course decide to remove something before the final release. But as of now, there is no future vote planned on this issue. Thanks to everyone for your help and advice, Scott
signature.asc
Description: PGP signature
