From owner-freebsd-ports@FreeBSD.ORG Fri Dec 18 11:31:42 2009 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5055C106568D for ; Fri, 18 Dec 2009 11:31:42 +0000 (UTC) (envelope-from kamikaze@bsdforen.de) Received: from mail.bsdforen.de (bsdforen.de [212.204.60.79]) by mx1.freebsd.org (Postfix) with ESMTP id 101778FC2E for ; Fri, 18 Dec 2009 11:31:40 +0000 (UTC) Received: from mobileKamikaze.norad (vpn-cl-162-190.rz.uni-karlsruhe.de [141.3.162.190]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.bsdforen.de (Postfix) with ESMTP id 72BB28A1198; Fri, 18 Dec 2009 12:31:39 +0100 (CET) Message-ID: <4B2B681A.1090908@bsdforen.de> Date: Fri, 18 Dec 2009 12:31:38 +0100 From: Dominic Fandrey User-Agent: Thunderbird 2.0.0.23 (X11/20091126) MIME-Version: 1.0 To: Mark Linimon References: <4B2A52DB.5020602@bsdforen.de> <20091218065728.GC29158@lonesome.com> In-Reply-To: <20091218065728.GC29158@lonesome.com> X-Enigmail-Version: 0.96.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: freebsd-ports@freebsd.org Subject: Re: ioquake3 support more platforms X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Dec 2009 11:31:42 -0000 Mark Linimon wrote: > On Thu, Dec 17, 2009 at 04:48:43PM +0100, Dominic Fandrey wrote: >> A committer explained to me that he doesn't want to deal with SVN >> snapshot based ports. Is that a common attitude and what should >> I do to remedy this? > > Well, the problem is that we (FreeBSD) can't guarantee whether the > contents of a resulting package are secure or not, or really, what > the contents are at all. I personally would only be comfortable with > a default setting of NO_PACKAGE in this case. Individual users could > manually override it. But that's not different for any port. E.g. sysutils/bsdadminscripts is all mine, I create the distfiles and maintain the port, their is no guarantee that I don't do evil apart from me being quite certain that I don't. Why can one assume that an ioquake release is safe? One really cannot. It's made by the same people who maintain the non-trustworthy SVN. What if I created a sourceforge project freebsd-ioquake and published my distfiles there as ioquake freebsd releases. Would it suddenly turn trustworthy? Also it's a -devel port. That kinda screams "At your own risk" right into your face. > I don't know if there is a formal policy about such ports. Probably, > there ought to be. I think there can be no guarantee given for anything whatsoever. So I do not see how a policy could be useful. -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail?