It's worth noting that pulling in code from crates.io has different trust properties than NSS. In general, it's the developer and reviewer's responsibility to ensure that any newly-vendored Rust code is not malicious. This usually doesn't necessitate a painstaking line-by-line review, but needs something more than "rs=me on whatever gets pulled in when you cargo update".
If Phabricator is choking on large diffs, that seems like a very high-priority bug for the Engineering Workflow team to fix, so you should file a bug if you haven't already. In the mean time, phlay might work. On Sun, Jan 20, 2019 at 7:47 PM Martin Thomson <m...@mozilla.com> wrote: > On Sat, Jan 19, 2019 at 7:42 AM Emilio Cobos Álvarez <emi...@crisal.io> > wrote: > > > For others (assuming you're hitting the max_post_size limit) I think > > you're out of luck and need to submit them via splinter[2]. > > > > When vendoring NSS, which we do often, we've sometimes resorted to asking > for review for a script, or one-line command. As long as that identifies > the thing that is being vendored precisely, then you can go and review the > changes based on the command. > _______________________________________________ > dev-platform mailing list > dev-platform@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-platform > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
