[Dev] the 'your-privacy' blacklisting process should be more rigorous
Andreas Grapentin
andreas at grapentin.org
Tue Jun 20 04:45:06 GMT 2017
On Tue, Jun 20, 2017 at 12:32:45AM -0400, Bill Auger wrote:
> i propose that each of those blacklisted programs should have a
> detailed explanation as to what precisely are its problematical points
> - they should also indicate whether or not a replacement exists in the
> 'libre' or 'non-prism' repos and perhaps with a link to any relevant
> discussion that took place regarding that package and ideally pointing
> at the actual non-free components or privacy invading mechanism in the
> code itself - in cases where no replacement exists it would be
> reasonable to say why that is so (either it is technically not
> possible or simply no one has had the time to do it yet) - in the
> latter case it could also be added to the under-utilized "Package Todo
> List" https://www.parabola.nu/todo/ which currently has exactly 3
> items on it from 2010 - without such information only the person who
> blacklisted the package knows why and so it will probably never be
> rescued
+1 to this entire proposal.
I would just add that there should also be a wiki page outlining the
process of blacklisting packages that explicitly states these
documentation requirements, to make the process more fluid in the
future.
-A
--
------------------------------------------------------------------------------
my GPG Public Key: https://files.grapentin.org/.gpg/public.key
------------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20170620/71a58184/attachment.sig>
More information about the Dev
mailing list