While processing SCM requests, I found a set of very short package reviews, which do not point out which checks have been performed or approved.
My initial thought is to just deny them with a message saying they need to do a full review, but I would like to ask the FPC what you think.
This is an extremely old question, which basically goes back to the first day we started doing reviews. When discussed in the past in both FPC and FESCo, there was no consensus on what is actually reasonable to require reviewers to do. Even the minimal proposal of asking the reviewer to indicate that they looked at anything at all was not accepted. This should all be in minutes and logs saved somewhere, but it would all be a decade old and I have no inclination to dig it up.
Fedora gives broad powers to packagers, to uberpackagers, and to admins. In my capacity as an admin I would simply not process the SCM request if it came to me and instead request that a "proper" review be done. The old SCM processing script even had a blacklist in it for this occasion. But that's because I wrote the script and felt strongly enough about it, not because there's any policy.
Metadata Update from @tibbs:
- Issue tagged with: meeting
The reviews are perfectly fine with me and acceptable.
If there is nothing to say, I say nothing and approve.
On the other hand, I saw other reviews, where the was pasted output of fedora-review and they looked fancy, but in reality the packages in Fedora were broken.
We discussed this at this weeks meeting (https://meetbot-raw.fedoraproject.org/fedora-meeting-2/2018-01-24/fpc.2018-01-24-18.22.txt):
Metadata Update from @james:
- Issue status updated to: Closed (was: Open)
to comment on this ticket.