From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JhAk5-0006Er-58 for garchives@archives.gentoo.org; Wed, 02 Apr 2008 21:43:37 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 58BDBE05A8; Wed, 2 Apr 2008 21:42:41 +0000 (UTC) Received: from out4.smtp.messagingengine.com (out4.smtp.messagingengine.com [66.111.4.28]) by pigeon.gentoo.org (Postfix) with ESMTP id 3B236E05A8 for ; Wed, 2 Apr 2008 21:42:41 +0000 (UTC) Received: from compute1.internal (compute1.internal [10.202.2.41]) by out1.messagingengine.com (Postfix) with ESMTP id 0F8BDE4C10 for ; Wed, 2 Apr 2008 17:42:41 -0400 (EDT) Received: from heartbeat1.messagingengine.com ([10.202.2.160]) by compute1.internal (MEProxy); Wed, 02 Apr 2008 17:42:40 -0400 X-Sasl-enc: AB8GJMTVkMvi1gw9Yr6jhcLzdX8C71Qgj68LwaEU75DF 1207172560 Received: from [192.168.188.1] (82-71-33-97.dsl.in-addr.zen.co.uk [82.71.33.97]) by mail.messagingengine.com (Postfix) with ESMTPSA id 8553A14E01 for ; Wed, 2 Apr 2008 17:42:40 -0400 (EDT) Message-ID: <47F3FDCE.2000507@gentoo.org> Date: Wed, 02 Apr 2008 22:42:38 +0100 From: Mike Auty User-Agent: Thunderbird 2.0.0.12 (X11/20080330) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Monthly Gentoo Council Reminder for April References: <20080401092610.EEF7467349@smtp.gentoo.org> <47F3F098.1050508@gentoo.org> <47F3F860.6080200@gentoo.org> <47F3FA1C.7010407@gentoo.org> In-Reply-To: <47F3FA1C.7010407@gentoo.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 774a34f6-e4a6-4942-b4d0-384a9b54de40 X-Archives-Hash: ce803dac8924a98ea61c43b1aaf5ad48 Petteri R=C3=A4ty wrote: > If you can't manage weekly commits, you can't respond to security issue= s=20 > either. I can see your point, I was more thinking about developers who have=20 maybe one or two small packages that don't have many version bumps or=20 bugs. They may be entirely able to respond to security issues, but may=20 not have reason to make the weekly commit quota. I don't know the=20 habits of developers well enough to know if this is a reasonable scenario= ? I was under the impression that if a dev couldn't respond quickly enough=20 to a security issue, the security team could take steps (mask the=20 package, try to fix it) to ensure the package doesn't pose a problem (as=20 is presumably the case now with devs who forget to mark themselves as=20 away). Depending on the actions you envisaged (sending a warning email,=20 marking as away or retiring) this could create a lot of extra work for=20 little benefit. If it was simply a warning email it might not be very=20 pointful, but marking them as away then it sounds like it could be=20 useful and automated... 5:) Mike 5:) --=20 gentoo-dev@lists.gentoo.org mailing list