[CentOS-devel] Missing security updates

[Marcus Moeller]

Dear Karan.

> Yes, thats about right. The idea of testing stuff within CentOS has a
> very finite end point. With very few exceptions the only people trying
> to get onto the testing team are people looking for early access. There
> have only ever been a small number of people who actually do anything. I
> would love, more than anything else at this time, to have a large and
> productive testing team - but one that actually does something.
>
> Opening up the list to public and opening up access to the testing
> repo's and hoping for the best is not only a stupid idea, its also a
> massive waste of resources. But still its the only solution people seem
> to come up with when I pitch this problem to them. So we carry on with
> our solution in place right now -> invite people we know and recognise
> to be people interested in helping. So visibility cluefull people from
> the community here. And dont be mistaken :  plenty have declined. Which
> is fine, everyone has their own agenda and life to live.

There is even no clear process of how (trusted) ppl could join up.
It's all about 'Expect to get invited when free slots in the testing
team are available'.

I also think that you loose nothing with opening up the testing
process. But I personally never really cared about that 'early access'
thing. And yes, I know your arguments but I just don't share them and
other projects which already have open processes work quite well (even
if they are enterprise related).

> I don't personally see any of those frames changing too far at the moment, but then I've been surprised in the past and am quite open to being surprised again :)

I just wait for the moment to be surprised by changes within the
project infrastructure. One thing I have learned within the past few
years in CentOS is that nothing will change (which maybe isn't that
bad for an enterprise OS but it has not much to do with community)

Greets
Marcus