On Mon, 11 Jan 2016 21:48:25 +0100, Christian Dersch wrote: The same procedure has been started a few times, at least https://bugzilla.redhat.com/736874 https://bugzilla.redhat.com/963890 Requesting co-maintainer access would be a way to solve such isues.

On Tue, 12 Jan 2016 11:17:37 +0100, Christian Dersch wrote: Isn't that tedious, inefficient and a waste of time? Having to start the non-responsive maintainer procedure again and again just to get a response (hopefully)? How long have the packages been unmaintained this time? Why protect the package from getting a few co-maintainers? Would help not be welcome in this case? Would FESCo insist on waiting for the procedure to be completed instead of granting an exception? https://fedoraproject.org/wiki/Policy_for_nonresponsive_package_maintaine... Now I dunno whether you would be happy with a belated response from the maintainer, but something obviously doesn't work well here.

On Tue, Jan 12, 2016 at 9:31 AM, Sven Lankes <sven(a)lank.es&gt; wrote: That's a potential security problem. If I, for example, can get commit access to any idle program by claiming it when the original maintainer is most busy, with no review or doublecheck of my quality as a new maintainer, I can commit madness on a lot of low maintenance projects. Given so many thousands of Fedora packages, it could get fascinatingly risky, especially if I start committing intriguing little '%post' procedures that interfere in subtle ways with other packages.

On Tue, 12 Jan 2016 16:27:03 +0100, Sven Lankes wrote: Not forever, though. Sponsorship is not a life-time duty, and monitoring git commits isn't either. It's not even mentioned as a responsibility. There are sponsors who don't do anything like that after approval a single review request. Strange things can happen, too. Sometimes, packagers submit flawless packages for review, and once included in the collection, after some months the packagers start messing up the packages in various ways. They would not pass a review anymore.