[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] Arch Roadmap Draft (the anticipated part 3)
|
From: |
John Meinel |
|
Subject: |
Re: [Gnu-arch-users] Arch Roadmap Draft (the anticipated part 3) |
|
Date: |
Tue, 06 Jul 2004 19:10:53 -0500 |
|
User-agent: |
Mozilla Thunderbird 0.7.1 (Windows/20040626) |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Well, you can enforce the trusted source by using gpg keys, or something
of that nature. Obviously the return email address is not sufficient as
that is _very_ easy to forge.
As far as building in a chroot, basically any time you have a chroot you
need any tools that you are going to use be present. So that might be
quite a bit of work. gcc and make, etc are probably all going to have
quite a few dependencies.
My guess is that before doing that, you get the trusted source worked
out, and then don't worry about it for now.
However, if you read James Blackwell's email, he mentions
1. if necessary, register the submitted archive
And that means that you have never seen this archive before. Now, you
might be configured to accept submissions from someone without having
their archive already.
I think the idea was that lots of people are going to ask Tom to merge
there little fixes, and it would be nice to give him a simple "this is
what changed". But I'm guessing some of that might be better handled by
the Lieutenants scheme. You could do everything up to the "make, make
test", report that to a web page, with a button saying "test this". Once
that was selected, it would "make, make test" and then another page is
generated with "approve and merge".
John
=:->
Matthew Dempsky wrote:
| John Meinel <address@hidden> writes:
|
|>It also might be possible to run "make test" in a chroot environment. Is
|>there any reason why everything after "apply the changeset" couldn't be
|>walled off from the rest of the world?
|
|
| I'd expect that patches would only be automatically merged from
| trusted sources (like the patch lieutenants) so the code should
| already be trustworthy.
|
| That said, if there's an easy way to run the build process in a chroot
| environment, it couldn't hurt (I don't know what difficulties might be
| involved in making sure you can compile stuff successfully while
| chroot'd).
|
| -jivera
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Cygwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFA6z+NJdeBCYSNAAMRAsTEAKCagAnYdUjeWjjZ2SsxBVyBDd+VgQCghTuu
K+TqTUs2Mdq5J5Ece9cVpQk=
=eJ1J
-----END PGP SIGNATURE-----
Re: [Gnu-arch-users] Arch Roadmap Draft (the anticipated part 3), Tom Lord, 2004/07/06