Hacker News
by patrakov 73 days ago
The "nothing gets on main without two signatures" rule would not have prevented the xz story, where a comaintainer was able to smuggle malicious code past the review as "binary data for new tests" and, effectively, get it signed.