Accessibility of pre-release materials
Michael Palimaka
kensington at gentoo.org
Mon Aug 17 13:21:37 BST 2015
On 17/08/15 19:19, Ben Cooksley wrote:
> Hi Packagers,
>
> It has been brought to my attention that at least Gentoo is making
> packages (in this case ebuilds) available to general users for
> packages which KDE has not yet released.
>
> Please ensure that packages are not made (easily) available to general
> users when preparing your packages. (Using private / not publicly
> documented repositories for this purpose is considered fine).
>
> Thanks,
> Ben Cooksley
> KDE Sysadmin
Hi Ben,
As a source-based distribution, Gentoo does not distribute packages in
the traditional sense. The packages (ebuilds) we distribute are just
text files describing how to build the source. At no point do we
distribute anything produced by KDE that is not publicly released.
It is true that we have ebuilds for unreleased software (along with
other experimental work) in a public repository, but this has not been a
problem in the past because:
1. As previously mentioned, these are text files only
2. They are not stored in the default repository - this special
repository must be manually enabled by the user
3. These ebuilds are "masked" so they are not visible to the package
manager by default. The user must take explicit action to attempt to use
them
4. Even if a user ignores the above and attempts to use the ebuild
anyway, it will fail. Our mirroring system is mostly automatic, fetching
from public KDE mirrors - so it's not possible for a file to appear on
our mirrors until it appears on yours
I would appreciate any further information about what exactly has
occurred so that I may investigate.
Please also accept my apologies if any inconvenience has been caused.
Best regards,
Michael
More information about the Distributions
mailing list