Re: Getting a move on for 8.2 beta

On Sep 13, 2006, at 6:56 PM, Tom Dunstan wrote:
>> Regarding the idea of a list of approved patch authorisers, don't  
>> we have
>> such a group now? i.e. "committers".
>
> Right, and if committers or others are willing to put in the time  
> required to verify that patches aren't nasty before going onto the  
> blessed patch queue, the idea could quite possibly work and provide  
> some value. Note that all we really need to test for here is that  
> the patch isn't malicious; patches that are bad design or whatever  
> are unlikely to open security holes or fry your box. A major point  
> of the queue is that the appropriate committer often doesn't have  
> the time to review the patch right now. There might be some benefit  
> in allowing a wider set of contributors to bless patches as non- 
> nasty for testing purposes, rather than waste the limited time of  
> qualified committers. Maybe such an army doesn't exist, though.

That's something I'd be willing to do. And for many people that  
aren't committers but are still trusted in the community, we could  
probably bypass the checking.

Another possibility would be to test these patches in some kind of  
virtual machine that gets blown away every X days, so that even if  
someone did get something malicious in there it wouldn't last long.
--
Jim Nasby                                            jim@nasby.net
EnterpriseDB      http://enterprisedb.com      512.569.9461 (cell)