Hi, On 2017-09-12 11:30:33 -0400, Tom Lane wrote: > One thing I'm a tad worried about is automatically running trojan-horsed > submissions. I hope the CI bot is tightly sandboxed.
Well, that's part of the nice thing here. The "really dangerous stuff" is all running on a service that does so full-time, not on our resources. Everyone can open git repos and open malicious PRs in them - travis checks a *lot* of projects... That's not to say your worries are unfounded, just that they're not primarily ours. Although even the patch file handling etc, seems worthy of a good bit of attention. Greetings, Andres Freund -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
