Re: [dev] Checksums and Sig files for release gzip from Sebastian LaVine on 2021-04-17 (dev mail list archive)

From: Sebastian LaVine <mail_AT_smlavine.com>
Date: Sat, 17 Apr 2021 02:18:08 -0400

On 4/17/21 1:45 AM, Sagar Acharya wrote:
> Ok. But this is a behavioral change right? How can a patch help in this case?
>
> Admins always protest the decision in almost every community if it isn't theirs. Am I suggesting something harmful here? It takes a minute to sign a release and this improves security. It makes sure that user gets the same piece of code that the dev made.

Decision-making takes time and effort. I don't know Hiltjo and the
others who run suckless, but I'm sure that they are busy folk who handle
lots of different things, not just suckless. They may even occasionally
have fun.

It's not a matter of whether or not this is "harmful". It's a matter of
whether or not it is important enough to make a change to the release
routines that have come about over the years (decades?) that they've
been doing this. It may take a minute to sign a release. But does it
take a minute to change the website so that the checksums are shared
properly? Does it take a minute to coordinate this change across all the
various suckless products? As the debate in this thread has shown: does
it take a minute to decide which algorithm should be used?

> If that action helps suckless, why be reluctant because I initiated that mail?
It is possible that some may be reluctant to take suggestions on how
long-standing ways of doing things should be changed from somebody who,
as far as I can tell from the dev list archive, has only contributed so
far by suggesting that long-standing ways of doing things should be changed.

Of course I'm saying this as somebody who has I think contributed to
this list maybe...five or six times in total? 99.9% of the time I just
lurk and read through patches a bit, follow conversations on things. The
technical debate that goes on, I can barely follow sometimes. I just
like my dwm comfy and to stay on top of things that are going on.

What I mean to say is, don't be discouraged if immediate action isn't
taken on something that you have thought about and that you think is
worthwhile. Time moves slowly, especially on mailing lists. As Hiltjo said:

> The admins team will make a decision about this if needed.

-- 
Sebastian LaVine | https://smlavine.com

Received on Sat Apr 17 2021 - 08:18:08 CEST

This archive was generated by hypermail 2.3.0 : Sat Apr 17 2021 - 08:24:08 CEST