On 2006-05-31 14:47:31 +0200, Adrian Schröter wrote:
Am Wednesday 31 May 2006 13:04 schrieb Martin Schlander:
Quick question about the buildservice repos.
Is there an easy way to know who built what?
Though supplementary was unsupported I always took comfort in knowing it was built by SUSE packagers - and I considered it at least semi-official. Is there a way to assess the "risks" involved with the different repos on the buildservice? Or should everything just be considered 100% unofficial?
depends what you mean with unofficial. Supplementarry updates from ftp.suse.com were also unofficial from the view of SUSE.
However, you have valid point, is not obvious how much you can trust these packages. We do plan to create a user and trust system later this year where you can see how is creating these packages and what the community think about these people.
For now, only a limited number of people do have access and many of them are involved in the software projects they are building. So I doubt that someone has some interest to harm them. (Downloading, compiling and install the source has usually the same risk level).
and you can always report broken rpms on opensuse-packaging/opensuse-buildservice so we can take care of them and the packager. darix -- openSUSE - SUSE Linux is my linux openSUSE is good for you www.opensuse.org