- Issue created by @quietone
- π³πΏNew Zealand quietone
This should also include π Add php-tuf/composer-stager to core dependencies and governance β for experimental Automatic Updates & Project Browser modules Needs work
- πΊπΈUnited States cmlara
My understanding is the D.O. Ecosystem wants PHP-TUF to be adopted by other providers correct? Sites like packagist.org and really every composer repository out there?
If that is a fair statement I would suggest a radially different policy compared to what is currently proposed:
Separate the TUF projects from Drupal core.
Do not allow core maintainer status to play any role in the TUF project management, give the project an initial developer team and let them choose how the project is run, who is a maintainer, and have sole authority independent of the desires of the Drupal Core project or the Drupal.org infrastructure team.
Give the TUF project the freedom to make decisions that Drupal would disagree with in order to promote the protocols growth. Allow it to become its own ecosystem, do not try and force control over it from one single project that represents a fraction of the global Composer usage.