Comment by rmccue
20 hours ago
The aggregators can choose who to index, and we operate one at fair.pm - the idea being that you only federate repositories that meet requirements, and can defederate those which are bad actors. (End users can install directly from repositories though, and can always switch the aggregator if they find the rules too restrictive - no lock-in.)
What aggregators? How would I locate fair.fm? Is there a Whole Earth Guide to Repositories that’s human-curated? What is the published malware incidences and non-responses rate for each repository?
An "aggregator" is the thing that discovers and lists repositories - the equivalent of a search engine. Anyone can operate one themselves, and we (the FAIR project) operate a canonical one on our website, which is fair.pm.