From: Drak <drak@zikula.org>
To: Pieter Wuille <pieter.wuille@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Reconsidering github
Date: Sat, 23 Aug 2014 13:05:17 +0100 [thread overview]
Message-ID: <CANAnSg0GftsnaAGhr4kcVa84Mdb9gfrAPV1UtNGYWWhS9x+P0g@mail.gmail.com> (raw)
In-Reply-To: <CAPg+sBisvpQp_3f5sz3O6+4VSx5FMjDnSaBUqNVFKM+o4Qm4FA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1404 bytes --]
On 23 August 2014 12:38, Pieter Wuille <pieter.wuille@gmail.com> wrote:
> That allows using github as easy-access mechanism for people to
> contribute and inspect, while having a higher security standard for
> the actual changes done to master.
I'd also like to point out the obvious: git uses the previous hash as part
of the formula to generate the current commit hash thus tampering with
history while possible would be instantly noticed because we all have
copies of the repository. Tampering would be completely evident (pushes
would fail for a start, and even simple merges would bork). It's just not
possible to tamper with the repository without it being discovered, even
with collusion (or strong arming) of github.
The social benefits of github make it idea for open source projects that
want community participation. The barrier to entry is low. The only "weak"
spot of github is the releases section, but since we don't actually
distribute Bitcoin from github the point is moot.
I think github haters fail to see the vast benefits of a social hub like
github. Their issue tracker may not be as sophisticated, it serves well and
the project is extremely productive.
Don't shoot yourself in the foot - a move away from github would be a
disaster for the project.
When you look at the attack surface of using github, it's pretty small and
would not go unnoticed, thus nullifying concern.
[-- Attachment #2: Type: text/html, Size: 1890 bytes --]
next prev parent reply other threads:[~2014-08-23 12:11 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-08-19 12:02 [Bitcoin-development] Reconsidering github Jeff Garzik
2014-08-19 12:28 ` Dāvis Mosāns
2014-08-19 14:58 ` Wladimir
2014-08-20 1:26 ` Troy Benjegerdes
2014-08-20 1:34 ` Gregory Maxwell
2014-08-20 6:24 ` Wladimir
2014-08-20 14:16 ` Mike Hearn
2014-08-23 5:59 ` Troy Benjegerdes
2014-08-23 5:53 ` Troy Benjegerdes
2014-08-30 3:33 ` Odinn Cyberguerrilla
2014-08-19 15:44 ` Bryan Bishop
2014-08-19 17:04 ` Angel Leon
2014-08-19 18:54 ` Gregory Maxwell
2014-08-22 19:20 ` xor
2014-08-22 19:31 ` Angel Leon
2014-08-23 6:17 ` Troy Benjegerdes
2014-08-23 11:38 ` Pieter Wuille
2014-08-23 12:05 ` Drak [this message]
2014-08-23 15:56 ` Wladimir
2014-08-23 11:59 ` Angel Leon
2014-08-23 14:32 ` Peter Todd
2014-08-23 17:44 ` Troy Benjegerdes
2014-08-23 20:36 ` Paul Rabahy
2014-08-23 20:54 ` Gregory Maxwell
2014-08-23 22:45 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANAnSg0GftsnaAGhr4kcVa84Mdb9gfrAPV1UtNGYWWhS9x+P0g@mail.gmail.com \
--to=drak@zikula.org \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=pieter.wuille@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox