Hi,
On September 16, 2022 5:03:03 PM UTC, Kevin Fenzi <kevin(a)scrye.com> wrote:
On Fri, Sep 16, 2022 at 10:03:35AM +0200, Vít Ondruch wrote:
> Isn't peer review much better and easier solution over all? We could also
> require signed commits I guess.
I think it would slow things down quite a lot to require peer review of
every commit.
It would a bit, but it is doable. openSUSE tumbleweed works like that: every commit that
is sent into the rolling distro is reviewed by the release managers. It adds some overhead
and it would most certainly require dedicated reviewers and additional tooling.
>I'd personally like to avoid anything where we need to support gpg.
>It's a mess and I think it would waste a lot of cycles explaining how to
>use it or help people get setup. ;( If there's some easier/more clear
>way to sign things that could be a option tho.
>
>kevin