On 20.05.2015 21:36, Dmitriy Setrakyan wrote: > On Wed, May 20, 2015 at 6:26 AM, Yakov Zhdanov <yzhda...@gridgain.com> > wrote: > >> I still insist that this should be implemented with great care. >> > I tend to agree with Cos here. Let's implement this feature. If we get some > malicious contributor attaching bad patches, we will catch it very quickly > and remove him/her from Jira. All it takes to catch something like this is > a normal patch review by a committer, which is part of Ignite standard > development process.
Exactly. This is one of the reasons why we make our repository, Jira, commit notifications etc. public. Any number of projects have automatic patch validation, and I've yet to hear about a single attack or exploit that got in through that channel. -- Brane
