CI system for PR builds
Perry E. Metzger
perry at piermont.com
Wed Apr 11 17:02:07 UTC 2018
On Sun, 8 Apr 2018 12:20:34 +0200 db <iamsudo at gmail.com> wrote:
> On 7 Apr 2018, at 19:44, Clemens Lang <cal at macports.org> wrote:
> > Remember that Portfiles can execute arbitrary code and root
> > access is available from Portfiles. We do not want to run
> > arbitrary code in a PR on the same build machines we use to build
> > packages that we will distribute to our users. A malicous
> > attacker could modify the machines in a way that packages built
> > after that will be miscompiled.
>
> If you review the code before, that should never be the case and it
> would build just once if it succeeds, right? Or am I missing
> something how PRs are handled?
Zero King already noted that we need to be able to trigger CI
automatically. I'll note on top of that that any system that depends
on humans noticing a subtle attempt to break our security will fail
-- humans are not perfect in reviewing code. If we were, we wouldn't
need a CI system in the first place.
Perry
--
Perry E. Metzger perry at piermont.com
More information about the macports-dev
mailing list