On Thu, 25 Feb 2016 13:36:25 +0000
Dimitris Papastamos <sin_AT_2f30.org> wrote:
> I don't see how this has to do with handholding users.
It's simplistic. Handholding for me is you offer things which purposely
allow the user not to do certain things.
This whitetab flag purpots that the user won't have to read pull requestes
anymore. Now, to actually live up to these expectations, you quickly
end up parsing the code of the pull requestes to really, really exclude
correct statements and half-assedly detect evil behaviour.
pull request(1), just like any other tool, has to be used carefully. If
you don't trust a pull request, read it.
The sha1sum approach is also a very good approach, and afaik,
the LibreSSL agents use it regularly.
Cheers
FRIGN
--
FRIGN <dev_AT_frign.de>
Received on Thu Feb 25 2016 - 15:04:14 CET