Trust and the Repository

Added by jahoti 7 months ago

Perhaps this would be better as an issue; however, I've promised a forum thread and a forum thread I will deliver.

Anyway, part of creating a community repository of software is maintaining trust in it. What steps will we take to do that, and how urgent are they?

Options that come to mind so far are:

  • "grant people different roles with different privileges regarding package uploading, testing repo, etc." ( koszko )
  • Publish clear criteria for inclusion/exclusion from the repository, promotion or demotion from roles, etc.
  • A traffic-light-like system for scripts, showing how thoroughly they are trusted