Hi,
There’s a package I want to use that’s a home project on OBS. (Specifically: Show home:codifryed / coolercontrol - openSUSE Build Service), this seems to be a package that’s recommended by the developer themselves, but how do I know if I can trust this package or not? I looked through the OBS page and it seems to be pulling from the git repo, which itself seems to be fairly popular and recommended often.
Any pointers appreciated, thank you!
Compare Profile of codifryed - openSUSE Build Service and Guy Boldon · GitLab !
If they are both NOT fake (fake identities…) and if you trust one (i.e. the latter one), you may probably trust both (i.e. the first one, too).
You cannot. Packages from home: repos can and will break your system. If a dev thinks the package is good enough they should push it to Factory. After openQA testing it will appear in the regular TW repos.
It is really amusing to see this mantra repeated over and over again. Leaving aside the obvious fact that someone needs to write tests first - only subset of packages undergoes openQA testing and not every failure is considered blocking point for releasing next Tumbleweed snapshot.
Yes, there is openQA that tests core part of distribution. No, it does not and can not test everything as the recent /etc/nsswitch.conf events demonstrate. And it does not mean that each package is automagically tested as your comment implies.
I am very aware of all that, Andrei. I hope you are as aware of the fact that not waiting for packages to appear in TW, but using packages from home: repos can have serious negative implications. Doing so requires good understanding, knowing what else is in that home: repo, and so on.
So I guess the best thing for me to do would be to ask the author if they can look at getting this published to an official repo?
If I really need it, I would try to understand the .spec and build it in my home project on OBS.