Jeff King <peff@xxxxxxxx> writes: > Right, I know people use them. What I meant was that if we wanted to > spin them to out-of-tree projects, we'd need somebody to volunteer to be > the maintainer of those projects. If they stay in-tree we can be a bit > looser (your "I don't want to be _the_ maintainer, but I can > contribute"). > > It does put more load on Junio, though. E.g., if there is a security > problem the project has to deal with embargoed release engineering, > whereas a separate project would do its own releases. Well, but it certainly is not more than what I currently need to do; it does not make any difference whether it is housed in the contrib/ directory or in the tools/ directory. > Last time wincred had a security hole (in 2020), the phrase "unsafe and > unmaintained" was thrown about on the security list, but we ultimately > fixed at least the immediate issue. But I find its general matching > strategy to be not very confidence-inspiring. > > Dscho (or anybody else familiar with Windows) may want to comment > further. Thanks for a redirect.
