[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: New Package Process



On Tue, 26 Apr 2005 17:03:25 -1000, Warren Togami wrote:

> Before reading the many messages in this thread, I need to state this:
> 
> NewPackageProcess was never meant to have a separate "sponsor" and 
> "review" during the package adding process.  Sponsor was to be referred 
> to only for what is necessary to get a CVS account, and "review" is the 
> process by which a package becomes approved.

No, the page explicitly refers to somebody to "sponsor your package" and
even uses the term "package sponsor".

Hence there are requests for packages to be sponsored. And these requests
come also from contributors, who are sponsored, but think they need a
package specific sponsor according to the process.

In fact, they only need [at least] a single reviewer from the list of
approved contributors, who adds another pair of eyes and approves a
package. Whether other reviewers add post-commit comments is a side-effect
of the process.

> A package must be approved explicitly by a reviewer.  Many people have
> confused this to mean "whoever submitted a review can be listed in the
> APPROVED mail".

Which is what I've pointed out before. Comments on CVS diffs usually don't
do the important steps of a real review as outlined before (security
relevant checks, set-up/config/dep verification, test-building). Based on
reading just a spec file, it's possible to find mistakes too, though, or
give hints.

> It does not really matter if CVS import happens before
> review and revisions or after, as long as an explicit approval is made
> before it is built.

Except, it doesn't make much sense to important something without review
only to find out that there are legal issues or it doesn't build due to
missing requirements (not included in Fedora Extras) or needs much work
packaging/run-time wise.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]