On Fri, 12 Oct 2018 15:20:56 +0200, Wolfgang Rosenauer wrote:
Hi Takashi,
talking about only mercurial here.
Am 12.10.18 um 15:15 schrieb Takashi Iwai:
due to the lack of time, I'd like to give away my maintainership of two packages: git and mercurial. More strictly speaking, it's about "Bugowner" field that needs to be re-assigned.
Since both are commonly used programs, I hope someone will take over it and I can avoid submitting deletereq for them :)
I'm a bit surprised:
wolfi@Hygiea:~> osc maintainer -e mercurial Defined in package: devel:tools:scm/mercurial bugowner of mercurial : wolfgang@rosenauer.org, tiwai@suse.com
maintainer of mercurial : wolfgang@rosenauer.org, tiwai@suse.com, develop7@develop7.info
The package is actually well maintained AFAICT. develop7 is very quick in getting new versions in and I also care. It's true that for maintenance requests (aka security fixes) it mainly fell back to you. Not sure if that is because you were faster in reacting or you carry a suse.com address and the security people consider this primary above a community contributor?
I don't think we have any big issue regarding the develproject itself. We can take the latest-and-greatest version if any security problem comes up, and that's easy. It's all for TW. And we are lucky that there are multiple great people contributing to these packages. So, I think I can just step down from devel:tools:scm/mercurial. But, as you stated, it comes to an interesting question when the topic is about security, especially for Leap (that is actually SLE). In general, the security issues are shared only among limited people at an initial state. That's the reason SUSE people may get information earlier (and hence often responsible to react earlier, too). How can it be communicated with the external community maintainer? I don't know -- it's a question to security team, I suppose. thanks, Takashi -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org