Hi! We just had an interesting discussion in our team and we'd love to ask you, copr devs, about your opinion.
Would that be a big of a deal if packit-service sent thousands of build requests within a short period of time? Context: right now in our packit github app we only allow builds being triggered by "trusted" contributors. So if a person opens a PR on a project and is not a contributor, that request is not being built - the project maintainer needs to trigger the build manually. We received suggestions to drop this and build all PRs no matter who contributed them. Our main concern is that someone could create a malicious contribution which would get into copr or some bot would open thousands of useless PRs, thus DoSing CI systems. Did you already have problems with this? Would this be a concern? [using user-cont-team@ ML since that's our only public list] Tomas _______________________________________________ copr-devel mailing list -- copr-devel@lists.fedorahosted.org To unsubscribe send an email to copr-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/copr-devel@lists.fedorahosted.org
