by hypnagogic 814 days ago
> I would go further than that: all files which are in a distributed tarball, but not on the corresponding git repository, should be treated as suspect.

This, plus an automated A/B diff that checks the tarball against the repo and flags it if mismatched.
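The check described above, written out as an added example (not code from the comment or from any project it refers to): compare a release tarball's members against the tracked files of the tagged commit and report files only in the tarball, files whose content differs, and tracked files missing from the tarball. The tarball and repo contents are constructed inline; in practice `repo_files` would be populated from `git ls-files` and `git show` at the release tag.

```python
import hashlib
import io
import tarfile


def _strip_top_dir(name: str) -> str:
    # Release tarballs normally wrap everything in "pkg-1.0/"; drop that prefix.
    parts = name.split("/", 1)
    return parts[1] if len(parts) == 2 else ""


def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def check_tarball(tar_bytes: bytes, repo_files: dict[str, bytes]) -> dict[str, set[str]]:
    """Compare a release tarball against the tracked files of the tagged commit.

    repo_files maps repo-relative path -> content. Returns three sets:
      extra    - regular files only in the tarball (the suspect class)
      modified - files in both whose content hash differs
      missing  - tracked files that the tarball does not ship
    """
    extra, modified, seen = set(), set(), set()
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue  # directories and symlinks carry no content to diff
            path = _strip_top_dir(member.name)
            data = tar.extractfile(member).read()
            seen.add(path)
            if path not in repo_files:
                extra.add(path)
            elif _sha256(data) != _sha256(repo_files[path]):
                modified.add(path)
    return {"extra": extra, "modified": modified, "missing": set(repo_files) - seen}


def _build_tarball(files: dict[str, bytes], top: str = "pkg-1.0") -> bytes:
    # Constructed sample tarball (hypothetical package) for the demo below.
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(f"{top}/{name}")
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


# Constructed sample: the repo tracks three files; the tarball drops README,
# alters configure.ac, and adds an m4 file that git never had.
REPO = {"configure.ac": b"AC_INIT\n", "src/main.c": b"int main(void){return 0;}\n", "README": b"hi\n"}
TARBALL = _build_tarball({"configure.ac": b"AC_INIT\nextra\n",
                          "src/main.c": b"int main(void){return 0;}\n",
                          "m4/extra.m4": b"dnl not in git\n"})

if __name__ == "__main__":
    print(check_tarball(TARBALL, REPO))
```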