On Thu, 24 Jan 2008 17:09:26 +0000 (UTC) Kevin Kofler <kevin kofler chello at> wrote: > I think a FL-like project with _no_ QA (i.e. working like FE used to > (as soon as the package is built, it gets signed and released in the > next push), but without ACLs or even a honor-based concept of > maintainership like in the old FE) would be more likely to work. If > someone wants to fix a security issue in a package, let them do it > and push the package immediately as soon as it's available. That's pretty terrible because now you have no trust that the issue was actually fixed. -- Jesse Keating Fedora -- All my bits are free, are yours?
Description: PGP signature