Re: Fwd: Should package.el support notifying on package security updates?

[Richard Stallman]

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > There's no reason
  > ELPA packages can't have similar security bugs (I just don't have an
  > example of this at the moment), and I figured it might be a good idea to
  > have some support for making it easier for users to quickly get security
  > updates for packages, regardless of what repository they're using.

It makes sense for us to improve matters for GNU ELPA.
It's a desirable thing to do, and it's part of our work.

WHat remains is the practical question: what actions, that would
improve the situation, are feasible for us to do.  As I'm not an
expert on that, I will leave it to the others.

-- 
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)