← Back to team overview

launchpad-dev team mailing list archive

Re: Packaging permissions redux

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11-03-08 03:17 PM, Curtis Hovey wrote:
> On Tue, 2011-03-08 at 13:38 -0500, Aaron Bentley wrote:
>>> Even if a motu gets it right, the project maintainer can change
>>> the branch to something that is wrong a month later.
>>
>> That sounds like a corner case.  They would be sabotaging their own
>> project by doing so.  Is really something we need to worry about? 
> 
> This is no more worrisome than users linking to the wrong package.

I don't understand.  It seems to me that random users creating bad
packaging links is a known problem, but project maintainers sabotaging
their own projects is an extremely unlikely theoretical problem.  Why
are they equally worrisome?

> Most
> projects that have wrong links to not have translations and they do not
> have branches.

Okay, but we are trying to set it up so that when people want
translation sharing, they create these links, set up the branches if
needed, and set them to import translations if needed.

> These links are created by users who do not know Lp very
> well. Many users are trying to create PPA in fact.

So there would be little overlap with the set of users who have upload
rights on Ubuntu packages.

> So I do not see a problem here.

So you're saying because most projects won't have translations, we can't
lose information about their translations?

Aaron
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk12k8IACgkQ0F+nu1YWqI36MwCdG6/QukaTvZSGsxt36D60TC8w
HG8An21kTGHuIN+BN4uoZ7CSpo5nI9aH
=Shkj
-----END PGP SIGNATURE-----



Follow ups

References