Hi Mark! > Thanks for the explanation. > > Please keep in mind that every comment in Guix was deliberately put > there by a Guix developer, which means that at least one developer > thought the comment was worth including. > > I'm concerned that you felt so confident in your assessment that these > comments were superfluous that you felt justified in removing them > without telling anyone, let alone asking your mentors if they agreed. > > My larger concern is that these removals were effectively hidden within > a commit that ostensibly only rearranged and reindented code.
My apologies, I should have mentioned in the commit message. Anyway, I will be deferring from removing any existing comments. > It occurs to me that commits that rearrange or reindent code are a > potential security risk, because they obscure other changes made within > the same commit. Even developers who try to keep an eye on changes > being made to Guix tend to simply *assume* that commits like these are > what they claim to be, because it's too tedious to verify them. > > If we allow unannounced changes to be obscured within "cosmetic changes" > commits without reprimand, we invite the future possibility of > deliberate corruption of our code base via such commits, by attackers > who have compromised our developers' machines or signing keys. I see. I haven't thought about this, but will consider it. Thanks! Regards, RG.