[Catalog-sig] PEP 345 Update
Laura Creighton
lac at openend.se
Mon Aug 23 13:44:09 CEST 2010
In a message of Mon, 23 Aug 2010 04:09:17 +0200, Tarek Ziadé writes:
<snip>
>Frankly, I don't really understand why you are concerned with this trust
>issues,
>a end-user that installs a software is already trusting it, since it
>installs it...
>
>If you don't trust a project, and in particular what it claims in its
>Obsoletes or
>Conflict fields, just don't install it, and you'll be fine.
>
>
>Tarek
I need to be able to download packages so that I can evaluate them and see
whether I trust them -- and whether I agree with the package author that
this package makes obsolete a different one that I am already using. I
won't be able to make this sort of evaluation if my old existing packages
are blindly removed.
Laura
More information about the Catalog-SIG
mailing list