| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7vppz45lz9.fsf@alter.siamese.dyndns.org> Date: Tue, 12 Mar 2013 14:47:38 -0700 From: Junio C Hamano <gitster@...ox.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: "Theodore Ts'o" <tytso@....edu>, James Morris <jmorris@...ei.org>, Stephen Rothwell <sfr@...b.auug.org.au>, linux-next@...r.kernel.org, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Git Mailing List <git@...r.kernel.org> Subject: Re: linux-next: unneeded merge in the security tree Linus Torvalds <torvalds@...ux-foundation.org> writes: > - I do think that we might want a "--no-signatures" for the specific > case of merging signed tags without actually taking the signature > (because it's a "upstream" repo). The "--ff-only" thing is *too* > strict. Sometimes you really do want to merge in new code, disallowing > it entirely is tough. I agree that "--ff-only" thing is too strict and sometimes you would want to allow back-merges, but when you do allow such a back-merge, is there a reason you want it to be --no-signatures merge? When a subtree maintainer decides to merge a stable release point from you with a good reason, I do not see anything wrong in recording that the resulting commit _did_ merge what you released with a signature. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists