[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: RFC: fedora.us QA approval format

From: Michael Schwendt <ms-nospam-0306 arcor de>
To: Development discussions related to Fedora Core <fedora-devel-list redhat com>
Subject: Re: RFC: fedora.us QA approval format
Date: Fri, 2 Apr 2004 15:08:13 +0200

On Fri, 2 Apr 2004 10:38:54 +0200, Patrice Dumas wrote:

> > - Download of the sources, with md5sum check
> 
> Maybe the download should't be automatic, such that it is possible to check
> that the download url is really the right url (presumably searching first the
> project home page with google, in order not to use the url provided in the
> srpm, and verifying that it is the right download page), and not one with 
> bad package ?

Reviewers should also notice when upstream projects provide detached GPG
signatures, which can be used to verify the published tarballs.

Follow-Ups:
- Re: RFC: fedora.us QA approval format
  - From: Warren Togami

References:
- RFC: fedora.us QA approval format
  - From: Aurelien Bompard
- Re: RFC: fedora.us QA approval format
  - From: Toshio
- Re: RFC: fedora.us QA approval format
  - From: Aurelien Bompard
- Re: RFC: fedora.us QA approval format
  - From: Patrice Dumas

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]