I can't state how stupid this is. As if that person's bullshit's power of nuisance wasn't large enough, let's add automated echo chambers with a direct effect on the economy!
Don't be surprised if this crazy economic system can collapse any seconds with ideas like this.
> They weren't buying it for portability, like Japanese customers usually did; they were buying it because it was the cheapest way to play videogames, only a third the price of a console and with games that were half the price of console games (in many countries even less).
I don't think that's right, price is not the only concern here. It's just a different feeling, from having to start a session on the TV or being able to play around the house, in bed, etc. -- tablets did that well also, and most people are more likely to open their 3DS than start up the TV and console. That's what they attempted to match here, and, to me, it seems successful. (Note that Wii U was directed towards that goal as well, but failed).
It's indeed specific to our workflow -- allowing additions without moderation would cause all sort of problems we don't address; but not to OCaml, e.g. Homebrew uses a very similar, GitHub based workflow (which we actually drew lots of inspiration from) !
What is nice is that the moderation, if given the proper reports, e.g. Travis with lint and security checks, is very fast in the simple cases, and readily opens discussion in the others -- that's where GitHub really shines.
I mentionned GitHub, but note that we intend to also provide the tooling to host your own signed repository, indenpendently of it.
The pull-requests for new packages are manually merged (as it the case now), automatically signed.
Names uniquely identify one package. A repository maintainer can replace the owner of a package, and clear the existing package contents. This shouldn't be done for a different package with the same name if any users still have the package installed, though, as they will consider that an up/down-grade.
Not at all: adding new packages or developers is automatically signed (by the snapshot bot). Administrators may later sign the keys and delegations, individually or in batch, after verifying the developer identity out of band (the specification doesn't yet include the mechanisms for this verification, but with a git repo based on GitHub, the GitHub login gives a good start).
Don't be surprised if this crazy economic system can collapse any seconds with ideas like this.