by fritzo
1586 days ago
Interesting! Can you help me imagine attack scenarios? All I can think of is:

- The changeset is authored by a trusted committer but the committer's tools have been locally compromised.
- The public tool itself (e.g. black) has been compromised to automatically create vulnerabilities in difficult-to-review bits of code (a Ken Thompson hack).