Yes that is why usually it becomes harder and harder to become a new formal
commiter in a mature apache project.
Btw even if you know the commiter be a real human face, can you just decide
if he evil?
Or is the face really him, or a cheap Indian-face-freelancer hired at
network for a 10$ salary?
So maybe the only way is just strengthen the code review, and yes, even
commiters need to be reviewd by 1-2 other commiter, that makes things
safer.(than push to master directlly)
BTW Elli yourself have lots of branches at main repo too...well yes master
branch and release branch is more important, yes. but other branches in the
same repo shall be...more formal, right? After all, they be central repo.
Just, all we senior coders here know the coding world, no matter
open-source, or close-source, is just full of shit, and nobody's hand is
totally clean of it. we have to eat shit others poop (or starve then
struggle), and we poop shit for others to eat(and yes overlook the shit we
poop, think it delicious), and some bad guys, who thinking themselves great
great hackers or some free free hero thing, add poison in their shit to
poison others for nothing(or money? who knows), and that's life...
Maybe 5 years later the malf code review can be done by glm or other llm,
who knows, but now we just...have to take it carefully by human code
review...and yes, behavior standardizes...

Matthias Bünger <runningj...@web.de.invalid> 于2025年2月8日周六 14:52写道:

> This is already required. Otherwise Boxer does not link the GH account
>
> Am 07.02.2025 um 14:51 schrieb Elliotte Rusty Harold:
> > Fourth, we should require all committer Github accounts to turn on two
> > factor authentication. We might already be doing this.

Reply via email to