groovy-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bertrand Delacretaz <bdelacre...@apache.org>
Subject Re: New Workflow…
Date Mon, 27 Apr 2015 09:54:44 GMT
Hi,

On Sun, Apr 26, 2015 at 6:01 PM, Russel Winder <russel@winder.org.uk> wrote:
> ...I am not sure I understand why a Git commit made directly to an ASF
> repository is any less traceable, logged etc. than a commit made by
> the same person on GitHub and then mirrored to ASF...

I think this infrastructure-dev thread explains that, it's what Andrew
mentioned earlier in this thread with a bit more detail:

http://markmail.org/message/3kcms6pll7ouj35l

Commits made directly to ASF-hosted Git repositories, OTOH, are
controlled by the ASF authentication mechanism that we trust. Commits
made directly on github do not currently provide that level of trust.

The ASF wants committers to take responsibility for what they commit
according to the iCLA that they file, that's what we need strong
traceability of the provenance of each line of code here.

-Bertrand

Mime
View raw message