Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installe

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installe

From:	Lars Ingebrigtsen
Subject:	Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS
Date:	Sun, 09 Oct 2022 16:21:12 +0200
User-agent:	Gnus/5.13 (Gnus v5.13)

Philip Kaludercic <philipk@posteo.net> writes:

> It seems to me that fetching a package from source is no more dangerous
> than fetching a tarball, seeing as the tarball is automatically
> generated from the repository.

It doesn't matter much whether it's a tar ball or a git repo (although
there is signing of the tar balls), but whether there's any oversight at
all or not.  All commits to Non/GNU ELPA end up on a mailing list, which
provides a smidgen of transparency, which is better than none.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/08
- Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Lars Ingebrigtsen, 2022/10/08
  - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/08
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Lars Ingebrigtsen <=
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/09
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Lars Ingebrigtsen, 2022/10/09
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/09
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Lars Ingebrigtsen, 2022/10/10
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/10
    - Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS, Philip Kaludercic, 2022/10/13
    - Fetching or installing package dev source from VCS: names, Richard Stallman, 2022/10/15
    - Re: Fetching or installing package dev source from VCS: names, Philip Kaludercic, 2022/10/16
    - Re: Fetching or installing package dev source from VCS: names, Richard Stallman, 2022/10/18
    - Re: Fetching or installing package dev source from VCS: names, Philip Kaludercic, 2022/10/19

Prev by Date: Re: Renaming eglot -- or at least add an alias?
Next by Date: Re: vtable: Add column weights feature
Previous by thread: Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS
Next by thread: Re: feature/package+vc 04c4c578c7 3/4: Allow for packages to be installed directly from VCS
Index(es):
- Date
- Thread