On Fri, 18 Feb 2005, Moshe Weitzman wrote:
No, I think we should not talk about contrib *maintainers*, but more as a contrib door-guards. Those deciding what goes in, what not. Those keeping the heads together on what is happening, but mostly those that know who is doing what in these "official" contribs.
it is quite possible that we don't have enough qualified developers with enough time on their hands to perform code checking and functionality checking for this. If you look at the patch queue, it is quite common for *noone* to review a given patch, and we just let dries do it. i would think that Contrib code would be even less worthy of review. I'm not opposed to the 'door guard' arrangement, i am just skeptical that people will do what they promised.
I share your concern. We should, however, at least check sql queries for insertion vulnerabilities. Having Drupal modules which cause major havoc is not acceptable. I would also not split up the cvs repositories. Moving projects around from sandbox to contrib (and maybe back) will break the cvs history. I prefer to handle this through the website by de-moderating project modules.
the beauty of a rating system is that the whole community decides merit, and we don't need dedicated roles. it is true that ratings doesn't address the full range of issues that we want to solve here though.
I like this approach too. We should try it and see what happens. Cheers, Gerhard