Dear Kevin, On Sat, Mar 30, 2024 at 8:12 PM Kevin Kofler via devel < devel@lists.fedoraproject.org> wrote:
> Miroslav Suchý wrote: > > 4) Fetch build artifacts before executing tests > > > > https://github.com/rpm-software-management/mock/issues/1352 > > Or better: Do not execute tests to begin with! rm -rf test in %prep and > NEVER run tests during builds. Even when the tests are all legitimate, all > it does is slow down the build (e.g., compare glibc build times without > and > with tests) and every so often break it because the test, not the > software, > is broken. And a claimed "test file" is what allowed the payload to be > snuck > in here. > It's a terrible idea. Sorry. > Unit tests are something for upstream developers. They should NEVER be run > in a distribution build. > The first thesis is completely wrong. Having, say, a 30+ downstream patches and declining to run upstream tests is the most effective way to break a gazillion use-cases. But the fuzzing tests look quite dangerous to me here and now. No one can review a corpse of binary files :( -- Dmitry Belyavskiy
-- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue