Re: ESR: Goodbye Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



M. Fioretti writes:

There's no technical reason why an rpm file cannot include the URL of any repositories that provide packages any needed dependencies, together with the repositories' keys.

I like the concept, but for some reason which I can't point out before
sleeping I have the _feeling_ that there is some practical reason why
this wouldn't work in real life. But maybe I'm just sleepy.

I've thought about this -- there is one situation where this model breaks down. This model depends on everyone using different package names. If two repos build a different package and use the same name for both of them, this model is going to break down.

It is necessary to have some measure of self-discipline here, and people need to keep within their own boundaries, and not stick their nose where it doesn't belong. But I do not believe that it is a big concern. People running third party repos right now already exhibit discipline. Everyone else depends on them, and basically gives them carte-blanche to install arbitrary software on their own machines. That's a lot of trust, and, over the past couple of years we didn't really have many instances of this trust being abused.

Attachment: pgpd0DlYgonS5.pgp
Description: PGP signature


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux