Christoph Erhardt writes:
I strongly oppose this suggestion. While it would have prevented thisparticular backdoor as a side-effect, the primary effect of going without unittests would be an outsize hole in Fedora's QA.
There have been several suggestions here for ways that this specific attempt from succeeding.
Any one of them will be very useful as long as it is guaranteed that all backdoor/supply chain attacks in the future are attempted in the exact same technical way.
pgpWXQfPOVO6k.pgp
Description: PGP signature
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
