Author Topic: Be a paranoid packager. (Read 748 times)

Texstar · « **on:** November 23, 2011, 09:35:57 PM »

When considering whether to package a request for a new piece of software you should always put on your paranoid hat.

1. Who is requesting the package? Is it someone you know that is an established community member or someone who just logged in and their first post is a package request? I always get suspicious if the person requesting we package the software and put it in our repo is the same person who wrote the software.

2. Check to see if anyone else is packaging the software by going to

http://rpm.pbone.net/

and

http://www.debian.org/distrib/packages

I always feel better if I see the software being packaged by another distribution. Someone has looked at the code and felt comfortable including it in their software repository.

3. Is the software hosted on sourceforge or some obscure website you never heard of before? If hosted on sourceforge is it a new project or has it been established for a while?

Archie · « **Reply #1 on:** November 23, 2011, 10:39:41 PM »

Aha, so this is where this went ...

Anyway, allow me to add a bit more on what Texstar had already posted.

Google the app and read the reviews as well.
If you somehow did package an obscure app, request for some testers AND test it on your own environment such as a LiveUSB or virtual machine.

These are some of my package refs that I'd like to share:
http://pkgs.org/
http://pkgs.repoforge.org/
http://packman.links2linux.org/updates

Some others are the obvious ones:
http://freshmeat.net/
https://github.com/
https://bitbucket.org/

IMPORTANT: Always double check the app you want to package, reviews, forums, wikis, feature request, etc.

Neal ManBear · « **Reply #2 on:** November 23, 2011, 11:40:54 PM »

The more paranoid, the better, when it comes to our repos. My opinion. As packagers, it is our responsibility to protect the integrity of our repos and the security of our fellow PCLinuxOS users. I hope we never fail in this.

lightwarrior · « **Reply #3 on:** November 24, 2011, 10:18:10 AM »

Quis paranoiet ipsos paranoia

(Quis custodiet ipsos custodes?)

*Edit*
In English:
Who will paranoid the paranoic?
(Who will police the police?)

Neal ManBear · « **Reply #4 on:** November 24, 2011, 10:55:19 AM »

Quote from: lightwarrior on November 24, 2011, 10:18:10 AM

Quis paranoiet ipsos paranoia
(Quis custodiet ipsos custodes?)

Latin? Try English.

muungwana · « **Reply #5 on:** November 24, 2011, 11:08:47 AM »

Quote from: Archie on November 23, 2011, 10:39:41 PM

Aha, so this is where this went ...

... and where did this come from?

menotu · « **Reply #6 on:** November 24, 2011, 11:47:48 AM »

Quote from: muungwana on November 24, 2011, 11:08:47 AM

Quote from: Archie on November 23, 2011, 10:39:41 PM
Aha, so this is where this went ...

... and where did this come from?

Possibly this?

http://www.pclinuxos.com/forum/index.php/topic,99377.msg848244.html#msg848244

Archie · « **Reply #7 on:** November 24, 2011, 03:31:41 PM »

Elementary, my dear menotu.

PCLinuxOS-Forums

News:

Author Topic: Be a paranoid packager. (Read 748 times)

Texstar

Be a paranoid packager.

Archie

Re: Be a paranoid packager.

Neal ManBear

Re: Be a paranoid packager.

lightwarrior

Re: Be a paranoid packager.

Neal ManBear

Re: Be a paranoid packager.

muungwana

Re: Be a paranoid packager.

menotu

Re: Be a paranoid packager.

Archie

Re: Be a paranoid packager.