> 12 дек. 2017 г., в 10:58, Mathias Bynens <[email protected]> написал(а): > > Yes, there is such an expectation. jsvu has a policy of only using URLs “that > are controlled by the creators of the JavaScript engine”: > https://github.com/GoogleChromeLabs/jsvu#security-considerations > <https://github.com/GoogleChromeLabs/jsvu#security-considerations> This is explained as a security policy. If the project considers Igalia builds unsafe, how are the same bits copied to another domain by an automated process any better?
I'm not necessarily objecting against the copying, but trying to make a legitimate story for why any extra work is needed. - Alexey > Anything not on *.webkit.org <http://webkit.org/> or similar, or anything not > on on S2 buckets that are owned by Apple directly, does not fit that policy. > > On Tue, Dec 12, 2017 at 7:35 PM, Alexey Proskuryakov <[email protected] > <mailto:[email protected]>> wrote: > >> 12 дек. 2017 г., в 1:34, Mathias Bynens <[email protected] >> <mailto:[email protected]>> написал(а): >> >> It would be great to make such downloads available from webkit.org >> <http://webkit.org/> or >> a similar domain! > > > Can you explain in more detail why this is important? > > If there is an expectation that this will make the builds more official in > some way, then I'd like to understand the difference better. For example, > will having links to igalia.com <http://igalia.com/> on webkit.org > <http://webkit.org/> work just as well? > > - Alexey > >
_______________________________________________ webkit-dev mailing list [email protected] https://lists.webkit.org/mailman/listinfo/webkit-dev
