Re: Relative security of Community repos and packages

Stephen Frost <sfrost@snowman.net> writes:
> Indeed, that comment didn’t seem to help clear things up. I’m guessing Dave
> is referring to the fact that we have a separate “gitmaster” server, which
> is also maintained by pginfra and is where committers actually push changes
> to, and then that is mirrored to git.postgresql.org.  I didn’t check which
> repo the tarball building script pulls from (which is run on pginfra, in
> case anyone is wondering about that) and perhaps it pulls from gitmaster
> and not git.p.o.

It does pull from gitmaster.  There are multiple reasons for this design,
but one is that a compromise of our public git server wouldn't imperil
the contents of the official tarballs.

            regards, tom lane