Hi, people other than the Octave developers can create packages which
use Octave to do interesting things. I gather such packages are mostly
distributed via Octave-Forge? I am curious to know about the process
for approving such packages.
How much effort goes into reviewing and vetting packages? Is there any
process for approving packages before publication? Have any security
problems ever been encountered in third-party packages? Does the
package distributor make any statements as to guarantees about
security or the lack of them?
The reason I ask these questions is that we are debating package
distribution over in the Maxima project, and I would just like to
check in and see what you have encountered and how it has been
resolved. Thanks for any light you can shed on this topic.