On Fri, May 15, 2026 at 2:41 PM Slawomir Jaranowski <[email protected]> wrote:
>
> Hi,
>
> From me also -1
>
> Agree with Tamás
>
> and more:
> - release process and tool are not ready - if I'm mistaken about it,
> please try to do a release first in the new way without writing to the default
> branch, then we can talk

Legitimate, but if this is a blocker we need to fix this. We can deprioritize other work if necessary to move the release tool forward.

> - I can create a fake account on GitHub and switch between them -
> one to create the PR and one to approve

No, I don't think you can. You'd need another committer account to approve. If that's not true and any account can approve, then we need to fix that.

> - we have a vote process where artifacts and commits are checked
> before publishing
> - you can check the reproducible build during the vote

That doesn't help at all. It just proves the malicious commit is reproducible.

> - we have protected branches so force push with history override is disabled,
> - all commits are logged on the public ML

Necessary but not sufficient. We need defense in depth. This is only one of several mitigations we need to take.

--
Elliotte Rusty Harold
[email protected]

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
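The two review-approval concerns raised in the exchange above (an author approving their own PR from a second account, and "any account can approve") can be audited after the fact. The following is an added example for this thread, not code from the project or from either poster. It assumes PR and review data already fetched in the shape of GitHub's REST responses (pull object with "number", "user.login" and "head.sha"; reviews from GET /repos/{owner}/{repo}/pulls/{n}/reviews with "user.login", "state" and "commit_id"), assumes that a later APPROVED, CHANGES_REQUESTED or DISMISSED review supersedes a user's earlier one while a COMMENTED review does not, and uses a constructed committer roster and constructed sample PRs. It also flags approvals that predate the PR's head commit, since a commit pushed after approval is the other way a malicious change lands unreviewed when stale approvals are not dismissed.

```python
"""Audit PR approvals for self-approval, non-committer approval and stale
approval. Added example for the thread; not the project's own tooling.
Data shapes follow GitHub's REST API; roster and samples are constructed.
"""
from dataclasses import dataclass, field

# Constructed committer roster; in practice fetch the collaborator/team list.
COMMITTERS = {"alice", "bob", "carol"}


@dataclass
class Finding:
    number: int
    ok: bool
    reasons: list = field(default_factory=list)


def effective_approvals(reviews):
    """Map login -> commit_id of that user's standing approval.

    GitHub returns every review a user submitted, in chronological order.
    Assumption: APPROVED / CHANGES_REQUESTED / DISMISSED replace the user's
    earlier state; COMMENTED does not touch it. Only a standing APPROVED counts.
    """
    latest = {}
    for r in reviews:
        if r["state"] == "COMMENTED":
            continue
        latest[r["user"]["login"]] = (r["state"], r.get("commit_id"))
    return {u: sha for u, (state, sha) in latest.items() if state == "APPROVED"}


def audit_pr(pr, reviews, committers=COMMITTERS, min_approvals=1):
    author = pr["user"]["login"]
    head = pr["head"]["sha"]
    approvals = effective_approvals(reviews)
    reasons = []

    # Self-approval: the author must not be able to satisfy the review rule.
    if author in approvals:
        reasons.append(f"author {author} approved own PR")

    # Approval from an account that is not on the committer roster at all
    # (this is what a throwaway second GitHub account would look like).
    outsiders = set(approvals) - committers
    if outsiders:
        reasons.append("approval from non-committer: " + ", ".join(sorted(outsiders)))

    # Stale approval: commits pushed after the approval were never reviewed.
    stale = {u for u, sha in approvals.items() if sha != head}
    if stale:
        reasons.append("approval predates head commit: " + ", ".join(sorted(stale)))

    independent = (set(approvals) & committers) - {author} - stale
    if len(independent) < min_approvals:
        reasons.append(
            f"{len(independent)} independent, current committer approval(s); "
            f"need {min_approvals}"
        )
    return Finding(pr["number"], not reasons, reasons)


def _review(login, state, sha):
    return {"user": {"login": login}, "state": state, "commit_id": sha}


# Constructed sample PRs: (pull object, review list).
SAMPLE = [
    ({"number": 101, "user": {"login": "alice"}, "head": {"sha": "a1"}},
     [_review("bob", "APPROVED", "a1")]),                      # clean
    ({"number": 102, "user": {"login": "alice"}, "head": {"sha": "b2"}},
     [_review("alice", "APPROVED", "b2")]),                    # self-approval
    ({"number": 103, "user": {"login": "alice"}, "head": {"sha": "c3"}},
     [_review("alice-alt", "APPROVED", "c3")]),                # fake account
    ({"number": 104, "user": {"login": "bob"}, "head": {"sha": "d5"}},
     [_review("carol", "APPROVED", "d4"),
      _review("carol", "COMMENTED", "d5")]),                   # stale approval
    ({"number": 105, "user": {"login": "bob"}, "head": {"sha": "e6"}},
     [_review("carol", "APPROVED", "e6"),
      _review("carol", "CHANGES_REQUESTED", "e6")]),           # approval withdrawn
]


def audit_all(samples=SAMPLE):
    return [audit_pr(pr, reviews) for pr, reviews in samples]


if __name__ == "__main__":
    for f in audit_all():
        print(f"#{f.number}: {'OK' if f.ok else 'FLAG'} {'; '.join(f.reasons)}")
```

Run over a real repository, only #101-style results should appear; anything else means the branch rule is either missing "require review from a different committer" or "dismiss stale approvals", or the roster check on the approving account is absent.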
