Am Wednesday 31 May 2006 13:04 schrieb Martin Schlander:
Quick question about the buildservice repos.
Is there an easy way to know who built what?
Though supplementary was unsupported I always took comfort in knowing it was built by SUSE packagers - and I considered it at least semi-official. Is there a way to assess the "risks" involved with the different repos on the buildservice? Or should everything just be considered 100% unofficial?
depends what you mean with unofficial. Supplementarry updates from ftp.suse.com were also unofficial from the view of SUSE. However, you have valid point, is not obvious how much you can trust these packages. We do plan to create a user and trust system later this year where you can see how is creating these packages and what the community think about these people. For now, only a limited number of people do have access and many of them are involved in the software projects they are building. So I doubt that someone has some interest to harm them. (Downloading, compiling and install the source has usually the same risk level). bye adrian -- Adrian Schroeter SUSE Linux Products GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany email: adrian@suse.de