On Sat, 15 Sep 2018 17:00:00 +0000 Joonas Kylmälä <joonas.kylm...@iki.fi> wrote:
> I mean pushing those repositories where I did "git merge > upstream/<upstreambranch>" and the merge worked without any conflicts > and didn't require any additional commits after the merge. ok, this looks good. Acked-by: Denis 'GNUtoo' Carikli <gnu...@no-log.org> > I can do a list of those repositories and you could take a look if > you want? I have checked the merged commits personally for any added > non-free or malicious code. We probably do not have the time to review each commit from the beginning(I didn't do that for instance). So until now we relied on common knowledge to find (and remove) malicious functionalities, but this also meant that some might still go through, like this one for instance: https://redmine.replicant.us/issues/1827 Having such functionalities in upstream projects was often controversial, so this often makes a lot of noise. This enabled Replicant to know about (and remove) such functionalities. I however when I was involved at the beginning, that kind of functionalities weren't added yet, and then Paul and Wolfgang took over, so they might know better than me about that. Denis.
pgpjKVtdCkufc.pgp
Description: OpenPGP digital signature
_______________________________________________ Replicant mailing list Replicant@osuosl.org https://lists.osuosl.org/mailman/listinfo/replicant
