> [...] jenkinsci/inactive-core-maintainers [...] +1 for the idea And thanks for providing additional rationales behind the approach.
For Basil: As it's about reducing the risk and not eliminating it, the approach was voluntarily not aggressive. If you want to have a stricter / more aggressive approach, from my PoV it's another topic with harder consensus to find. On Monday, January 30, 2023 at 9:12:00 PM UTC+1 [email protected] wrote: > On Mon, Jan 30, 2023 at 7:26 PM Basil Crow <[email protected]> wrote: > >> A compromised account with unnecessary commit access could very well >> have that level of impact if it is used to introduce malicious content >> into a release. >> > > Exactly, which is why this was done. > > As a reminder, you originally responded to an explanation why this wasn't > discussed more widely before this was implemented. > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/2fb769af-d0f2-4288-99de-d79848624993n%40googlegroups.com.
