Le lauantaina 9. marraskuuta 2024, 18.18.08 EET Michael Niedermayer a écrit :
> Hi all
> 
> Should we disable git accounts for developers who have not been active since
> a long time (like 10 years) ?

Yes but git is probably the least dangerous of credentials to keep stale. A 
backdoor getting pushed with a stale and stolen SSH private key would be 
noticed and rectified in no time.

What most people are concerned about right now is the incomplete documentation 
of any and all credentials - not just git write access - and more generally 
the lack of transparency. Once that is sorted out, we can start arguing about 
what should be revoked.

-- 
雷米‧德尼-库尔蒙
http://www.remlab.net/



_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel

To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".

Reply via email to