[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: g
From: |
Léo Le Bouter |
Subject: |
Re: Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates? |
Date: |
Wed, 17 Mar 2021 07:24:02 +0100 |
User-agent: |
Evolution 3.34.2 |
On Tue, 2021-03-16 at 22:46 +0100, Bengt Richter wrote:
> I would feel better about running guix on my laptop if I
> knew all you developers had gotten together and elected
> a "security czar" who is the most competent of you to monitor
> security and also cares the most, and had the power to prevent
> applying unreviewed patches, and making sure all CVEs are taken
> care of, and kitchen doors not left open the way we did in the '50s.
>
> Sorry if it sounds like I think guix security is lax.
> Please convince me it's not so ;)
>
> Thanks, nevertheless, for all the great technical work!
>
> Just wish I could type
> guix --what-and-who-am-I-trusting-q --full-report
> and get a complete list, with batting averages of the
> developers (regressions vs fixes), packages (estimated
> number of times executed without problem, dangerous bugs
> in development history, etc).
>
> </rant>
>
I think we can handle this without granting us any special powers, I
like it that we don't have roles actually!
We can discuss, debate, agree to common goals, I don't think we are
going to enter into conflict, we hear each other, we communicate, I
think that's a really good thing in GNU Guix :-D
Lots of other communities enter into conflict fast and stop
communicating, GNU Guix is not that, there's a spirit of goodwill of
everyone and that's really pleasing to live as a contributor and user.
signature.asc
Description: This is a digitally signed message part
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, (continued)
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, zimoun, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Léo Le Bouter, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Leo Famulari, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, zimoun, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Leo Famulari, 2021/03/16
- Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Bengt Richter, 2021/03/16
- Re: Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Leo Famulari, 2021/03/16
- Re: Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?,
Léo Le Bouter <=
- Re: Security-czar needed? WAS: Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, zimoun, 2021/03/17
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Maxime Devos, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Tobias Geerinckx-Rice, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Vincent Legoll, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Leo Famulari, 2021/03/16
- Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Léo Le Bouter, 2021/03/17
Re: Release 1.2.1: zstd 1.4.4 -> 1.4.9: grafting or core-updates?, Léo Le Bouter, 2021/03/29