On Friday 25 January 2008 13:28:12 wrote Dirk Stoecker:
On Fri, 25 Jan 2008, Adrian Schröter wrote:
Is there an ETA when this is going to be fixed? I depend on it, because I intented to work on the redirector this week... for which I need a functional Apache and Apache:Modules project.
actually, I am not that sure that this should be changed.
How should an external see that this package was not build by this certain project/person ?
There is no difference between _link and _aggregate in this respect. Both rely on the source to be valid. The only difference is that the for _aggregate you theoretically need to check a whole repository (e.g. a modified build tool can introduce malware), whereas for _link only one package needs to be checked. But the trustlevel is the same.
right ... therefore the trust system will need to checked all these deps in future... -- Adrian Schroeter SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg) email: adrian@suse.de --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-buildservice+help@opensuse.org