2009/9/23 Ben Laurie <[email protected]>: > > a > > On Mon, Sep 21, 2009 at 7:42 PM, Mike Samuel <[email protected]> wrote: >> >> What are the outstanding points of contention? >> >> Do people agree or disagree with the following (not all pair-wise >> consistent) statements: >> (1) There should be a way to integrate candidate tools that depend on >> the Caja core into the build process that does not require line-by- >> line review before the tool has proven useful. > > Agree. > >> (2a) The candidate tool developer should bear the burden of >> maintaining tools, at least until the team comes to rely on them -- at >> which time it is no longer a candidate. > > Agree. > >> (2b) A candidate tool developer should be able to add tests to >> AllTests and have them run on precommit. > > So long as precommit allows a commit even if they fail. > >> (2c) A candidate tool developer should be able to expect devs who >> change core APIs to get the tool compiling > > Disagree. > >> (2d) A candidate tool developer should not expect devs who change core >> Caja code to make sure that their tests run green. > > Agree. > >> (3a) Candidate tools can stop a build from completing. > > Unclear what this means - ideally, they should not stop a build from > completing stuff that is independent of said tool.
E.g., could a lint tool cause a particular build target to fail if it notices a serious problem? >> (3b) Candidate tools must not affect the output of a build target that >> succeeds. > > Should be able to disable the tool and still build, would be a weaker > requirement that I think I'd be OK with - so they could change the > output, but you should be able to easily revert... One of the reasons we require code review is to guard against malicious code from making it into the codebase. Unreviewed tools could, theoretically, modify built files and so violate integrity. This is also true of third party code and tools like javac. I don't think we can really rely on code review to guard the tools in our TCB but I listed it as an issue because others might have different opinions.
