launchpad-dev team mailing list archive

Thread
Date

Re: Mirroring branches with username/password

To: Jeroen Vermeulen <jtv@xxxxxxxxxxxxx>
From: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
Date: Tue, 11 May 2010 12:44:30 -0400
Cc: Tim Penhey <tim@xxxxxxxxxxxxx>, Launchpad Community Development Team <launchpad-dev@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <4BE92884.9090308@canonical.com> (Jeroen Vermeulen's message of "Tue, 11 May 2010 16:51:00 +0700")
Reply-to: Karl Fogel <karl.fogel@xxxxxxxxxxxxx>
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.93 (gnu/linux)

Jeroen Vermeulen <jtv@xxxxxxxxxxxxx> writes:
>I don't think I follow the argument here.  What kind of trust are you
>talking about?  If it's trust in honesty on our part, viewers already
>have to trust that we deploy the same code we publish, with no hidden
>tricks.  If it's trust in timely synchronization, we have logs.
>
>If it's trust in us making faithful copies, well, if there's a
>password on the master then the owner clearly wants it restricted.  So
>the question of trust lies on that side, not on ours.

Oh, I didn't mean trust in the sense of worrying about malicious intent.
I more meant trust in the sense of "one can independently verify that
Launchpad's mirror of the code is complete and up-to-date with respect
to the upstream repository" -- i.e., that no technical glitches have
occurred.

-Karl

References

Mirroring branches with username/password
From: Jeroen Vermeulen, 2010-05-07
Re: Mirroring branches with username/password
From: Karl Fogel, 2010-05-10
Re: Mirroring branches with username/password
From: Jeroen Vermeulen, 2010-05-11