Those questions are legitimate, but I haven't been concerned about them.
There is a related question that I would tackle before those:
liability/vulnerability wrt expectations of the users of the package
catalog.
Scenarios that come first to mind involve someone having something bad
happen (
I noticed that there is not TOS or EULA when you sign up for the
package catalog. Is there actually some licensing agreement we have
between the maintainers of the package server and the community
members that put packages there?
If not, we really should have one. Otherwise we are opening ourselve
2 matches
Mail list logo
