ethomson
commented
6 years ago I thought that we had decided that - instead of a mailing list - that we would use a GitHub repository where stakeholders were invited. Do we need both?
Closed pks-t closed 6 years ago
ethomson
commented
6 years ago I thought that we had decided that - instead of a mailing list - that we would use a GitHub repository where stakeholders were invited. Do we need both?
pks-t
commented
6 years ago Uh, sorry. That's what happens when there's too many things in my head. No, in that case we do not need both. Closing this issue then
ethomson
commented
6 years ago No worries at all. I'm happy to have this discussion, because it's not clear to me how effective the security repository was for communications, though. We didn't see a lot of discussion from consumers of libgit2. I'd love to hear from people to see what they think.
The recent security release v0.27.1 has once again brought up the issue that there is no security mailing list for libgit2 yet. On our contributors summit, we all voiced the intention to set one up, but we hoped that there would be a bit more head time to do so. Anyway, I feel like we should set that up now as soon as possible. Included should be stake holders of our most important users and potentially some maintainers of bindings.
While I'm not particularly happy with that choice, I'd think Google Groups to be a somewhat sane choice, as you can also register without needing a Google account. I'd be very happy to use another solution, preferably an open one. I'll hopefully be able to take a look whether good alternatives exist this Friday.