On Fri, 25 Jan 2008, Adrian Schröter wrote:
Is there an ETA when this is going to be fixed? I depend on it, because I intented to work on the redirector this week... for which I need a functional Apache and Apache:Modules project.
actually, I am not that sure that this should be changed.
How should an external see that this package was not build by this certain project/person ?
There is no difference between _link and _aggregate in this respect. Both rely on the source to be valid. The only difference is that the for _aggregate you theoretically need to check a whole repository (e.g. a modified build tool can introduce malware), whereas for _link only one package needs to be checked. But the trustlevel is the same. Ciao -- http://www.dstoecker.eu/ (PGP key available)