qemu-devel

Re: [Qemu-devel] [RFC 00/14] MAINTAINERS cleanups - please read


From: Andreas Färber
Subject: Re: [Qemu-devel] [RFC 00/14] MAINTAINERS cleanups - please read
Date: Thu, 26 Apr 2012 15:43:02 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:11.0) Gecko/20120328 Thunderbird/11.0.1

On 17.04.2012 22:45, Blue Swirl wrote:
> On Mon, Apr 16, 2012 at 21:47, Anthony Liguori <address@hidden> wrote:
>> On 04/16/2012 04:24 PM, Peter Maydell wrote:
>>>
>>> On 16 April 2012 18:42, Anthony Liguori <address@hidden> wrote:
>>>>
>>>> On 04/16/2012 12:17 PM, Peter Maydell wrote:
>>>>>
>>>>> Here's my stab at it:
>>>>>            Maintained:  Someone actually looks after it. The maintainer
>>>>>                         will have a git subtree for this area and patches
>>>>>                         are expected to go through it. Bug reports will
>>>>>                         generally be investigated.
>>>>
>>>>
>>>> * For something to be marked Maintained, there must be a person on M: and
>>>> there must be a git tree for the subsystem.
>>>
>>>
>>> Do you mean "there must be a git tree" or "there must be a git tree
>>> listed under T: for this area" ? We have I think several subsystems
>>> where things do come in via pullreq for a submaintainer tree but that
>>> tree isn't officially public except in as much as the branch name
>>> for the pullreq is always the same...
>>
>>
>> I'd like to record T: as part of a way to validate pull requests.  I get
>> slightly nervous about pull requests because it's an easy way to sneak code
>> into the tree if you're malicious.
> 
> Wouldn't signed PULL requests help? They need a very recent git though.

Signed PULL requests can authenticate the person sending the PULL but
not authorize what areas the contents of the PULL are allowed to touch.
Any definition of key -> files (just like email -> files) is going to be
surrounded by grey zones and exceptions to the rule, so I guess
verifying each PULL's diff stat and good judgment are the only weapons
against malicious PULLs, given that PULLs have become quite popular
these days and are no longer limited to recurring block, pci, ppc, etc.

Andreas

-- 
SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer; HRB 16746 AG Nürnberg
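
The diff-stat check discussed in this thread, sketched as an added example that is not part of the original message or of QEMU's tooling: it maps a pull's sender and tree to the `F:` patterns of the MAINTAINERS sections that list them under `M:` and `T:`, and returns the changed files that fall outside for a human to judge. The sample entries, addresses, tree URL and function names are constructed for illustration.

```python
import fnmatch

# Constructed sample in the MAINTAINERS style (M:, S:, T:, F: fields); the
# names, addresses, tree URL and paths are made up for illustration.
SAMPLE_MAINTAINERS = """\
Block layer
M: Alice Example <alice@example.org>
S: Maintained
T: git git://example.org/block.git
F: block/
F: block.c
F: include/block/*.h

PCI
M: Bob Example <bob@example.org>
S: Maintained
F: hw/pci*
"""

def parse_maintainers(text):
    """Return one dict per section: {'name', 'M': [...], 'T': [...], 'F': [...]}."""
    sections = []
    for block in text.strip().split("\n\n"):
        lines = block.splitlines()
        sec = {"name": lines[0].strip(), "M": [], "T": [], "F": []}
        for line in lines[1:]:
            tag, _, value = line.partition(":")
            if tag in ("M", "T", "F"):
                sec[tag].append(value.strip())
        sections.append(sec)
    return sections

def path_matches(path, pattern):
    # A pattern ending in '/' covers everything below that directory;
    # anything else is a shell-style glob ('*' also crosses '/').
    if pattern.endswith("/"):
        return path.startswith(pattern)
    return fnmatch.fnmatchcase(path, pattern)

def review_pull(sections, sender, tree, changed_files):
    """Split a pull's changed files into (covered, needs_review)."""
    # Only sections listing both the sender (M:) and the pulled tree (T:) count.
    allowed = [p for s in sections
               if any(f"<{sender}>" in m for m in s["M"])
               and any(t.split()[-1] == tree for t in s["T"])
               for p in s["F"]]
    covered = [f for f in changed_files if any(path_matches(f, p) for p in allowed)]
    needs_review = [f for f in changed_files if f not in covered]
    return covered, needs_review
```

Files in `needs_review` are not rejected; they are the part of the diff stat that the mapping cannot vouch for, so a section without a `T:` entry leaves every file of its maintainer's pulls in that list.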


