Comment by embedding-shape
16 hours ago
But why check the user instead of the actual code? That's like asking people to checking the GitHub user before they install a program from GitHub, instead of the program itself! Ultimately, the PKGBUILD is the only thing that matters here, not the author or how many others reviewed it.
That isn't what I ment, I should have said that the person who runs pkgsrc-wip helps submitters get the package correct (which can be more challenging than PKGBUILD since it is a more strict system and unless it is a Linux only package is more likely to need patches). Thinking about it more it isn't really the same as AUR since as I understand it packages without issues are likely to get into pkgsrc proper in most cases so it is mostly WIP as the name suggests (although not entirely as I recall, at least last time I used it). So you might be correct that there isn't really anything similar in the BSD world.