Twice recently I've had changes made to ports I maintain without respecting the maintainer timeout (and not for any urgent security-related reasons). The first was py-serial, where the change was merged without waiting for the maintainer timeout. And just now I see that someone abused their write access to bypass the PR mechanism entirely for a gpsd update, so that I wasn't even notified of the change. And I've had good reason to hold off on updating gpsd, due to its missing dependency on asciidoctor, which is currently broken on some platforms due to the insistence on tying it to a broken version of ruby, which I've actually been working on fixing.
Is this now the Wild West? Fred Wright
