Peter Todd [ARCHIVE] on Nostr: š Original date posted:2018-02-26 š Original message: On Fri, Feb 23, 2018 at ...
š
Original date posted:2018-02-26
š Original message:
On Fri, Feb 23, 2018 at 11:48:30AM +1030, Rusty Russell wrote:
> Hi all,
>
> Christian and I just gave ZmnSCPxj commit access to c-lightning; we
> know nothing other than his preferred pronoun and moniker (I'm calling him
> Zeeman for short), but ZmnSCPxj has earned our professional respect with over
> 100 commits, many non-trivial.
>
> He says: "No objection here, other than to point out that, as I
> am of course a human, however randomly-generated, I am of course on the
> side of humanity in the upcoming robot uprising, whose timing I of
> course have no knowledge about."
>
> We look forward to his excellent code and thorough and polite review of our
> mistakes, for which he can now share the blame!
If you're going to be giving pseudonyms commit access, I think it's about time
you start PGP signing commits for accountability. There's really no excuse to
not follow good code security practices.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20180226/bd1fe627/attachment.sig>
š Original message:
On Fri, Feb 23, 2018 at 11:48:30AM +1030, Rusty Russell wrote:
> Hi all,
>
> Christian and I just gave ZmnSCPxj commit access to c-lightning; we
> know nothing other than his preferred pronoun and moniker (I'm calling him
> Zeeman for short), but ZmnSCPxj has earned our professional respect with over
> 100 commits, many non-trivial.
>
> He says: "No objection here, other than to point out that, as I
> am of course a human, however randomly-generated, I am of course on the
> side of humanity in the upcoming robot uprising, whose timing I of
> course have no knowledge about."
>
> We look forward to his excellent code and thorough and polite review of our
> mistakes, for which he can now share the blame!
If you're going to be giving pseudonyms commit access, I think it's about time
you start PGP signing commits for accountability. There's really no excuse to
not follow good code security practices.
--
https://petertodd.org 'peter'[:-1]@petertodd.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/lightning-dev/attachments/20180226/bd1fe627/attachment.sig>