Jifl> This is an interesting point. So far we've restricted write
Jifl> access to (full) maintainers only. I would be interested in
Jifl> other maintainer's views on whether we should open this up
Jifl> more freely now, in the same way as GCC, GDB etc. where
Jifl> package maintainers are allowed to check stuff in for their
Jifl> own packages. This wouldn't be the same as a full maintainer
Jifl> - it's purely an efficiency improvement.
Jifl> We would also, like GCC/GDB, have a top level MAINTAINERS
Jifl> file listing the responsibilities. Package maintainers would
Jifl> be able to commit directly to their "own" packages without
Jifl> waiting for approval. They can check in patches for other
Jifl> packages too if they like, but only with approval. *All*
Jifl> patches must go to ecos-patches in any case.
Jifl> Comments?
eCos is rather more package-oriented than gcc or gdb. We could end up
with a very large number of maintainers, most of them responsible for
only one or a small number of packages. Each maintainer is a potential
source of security problems, e.g. compromised ssh keys.
That's a good point. The number of people with write access could
proliferate out of control. I think it's probably only necessary when we
can foresee a large amount of CVS access being required.