apt-get.org

Andrew Mitchell ajmitch at ihug.co.nz
Mon Mar 28 05:50:56 CST 2005 

On Mon, Mar 28, 2005 at 01:38:13PM +0200, Oliver Grawert wrote:
> hi,
> Am Montag, den 28.03.2005, 12:31 +0200 schrieb Daniel Holbach:
> > I already talked to some people about it and here are the questions that
> > turned up, I hope they're leading to those decisions we'll have to make:
> >       * How do we further cope with apt-get.org?
> >       * Will there be a MOTU and a apt-get.org route of getting packages
> >         in?
> >       * Will we have another repository, like main, restricted,
> >         universe, multiverse, apt-get.org?
> >       * How do we get repository maintainers to work closely with us and
> >         shall we provide them with an easy entry path as
> >         Members/MOTUs/Maintainers?
> i think having a separate apt-get.org repository would be the best way
> to go.
> 
> we need to distinguish between the well worked MOTU packages that
> recieve a lot of reviews and QA work, where MOTU guarantees a certain
> minimal quality level and probably aliened or checkinstall built
> packages that dont comply with any standard.
> 
> it would be very unfair in the face of the MOTUs that donated a lot of
> their time to learn secure and standard compliant packaging to match a
> quality level and then make their work pointless with a automatic
> importing of apt-get.org (a huge warning "this software may contain
> rootkits and backdoors and is not extensively reviewed" should also be
> added)
> 
> dont get me wrong, i understand and like the idea of having apt-get.org
> included very much, but please draw a clear line between MOTU and
> apt-get.org packages, else you devaluate their marvellous work.
> 
> indeed apt-get.org can be a good entry point for new
> members/MOTUs/Maintainers, but we shouldnt forget that they have to go
> the way through signing the CoC up to learning to make clean packages
> too, i'd like to highly avoid every unfairness in the processes we
> currently have.
> 
> otherwise the idea that no user ever has to touch his sources.list file
> anymore is one of the greatest :)
> 
> ciao
> 	oli

I agree, we shouldn't just go for quantity when the quality may be suspect.
We all made mistakes when packaging at one point, and having the unreviewed
packages alongside the reviewed & tested imports from debian or MOTU-checked
packages wouldn't reflect well on Ubuntu, I fear.

-- 
Andrew Mitchell
Email: ajmitch at gnu.org
JID: ajmitch at jabber.org

More information about the ubuntu-devel mailing list