On Fri, 28 Apr 2006, Josh Bressers wrote:
If you're interested, feel free to chime in.
I'm interested as well.
We will need a package manifest. Basically a file that tells us which packages and versions we're currently shipping in Extras. A tool to generate this will also be needed since we'll want to update this file on a regular basis. Given how fast Extras changes I think this will be the easiest way to check if we currently ship package <foo>.
What's the scope here? Should it cover what's in CVS or what's built and shipped as a package? I can see pros and cons each way.
I think it's important to keep an eye out for new things, but also there's no reason to track a deprecated package that also happens to be in CVS. A blend of the two will be needed.
Also, does it need to be part of the Fedora infrastructure stuff (say, a script run on the repository every time a package push hits), or can it be client-side (say, once a day I check out CVS trees for FE, walk them to see what's in them, check results into fedora-security/package or whatever)?
I was thinking that initially we just run a manual client-side process from time to time. Eventually I would like to see an automated process that updates a package manifest.
security@lists.fedoraproject.org