internals+unsubscr...@lists.php.net -  550 5.7.1 Looks like spam to me.

Can't unsub...?

Den tis 2 apr. 2024 kl 16:46 skrev Jakub Zelenka <bu...@php.net>:

> On Tue, Apr 2, 2024 at 3:35 PM tag Knife <fennic...@gmail.com> wrote:
>
>>
>> On Tue, 2 Apr 2024 at 14:53, Jakub Zelenka <bu...@php.net> wrote:
>>
>>> We will still need RM to sign the build so ideally we should make it
>>> reproducible so RM can verify that CI produced expected build and then sign
>>> it and just upload the signatures (not sure if we actually need signature
>>> uploaded or if they are used just in announcements).
>>>
>>> I think this should then prevent compromise of the RM and CI unless CI
>>> is compromised by RM, of course, but that should be very unlikely.
>>>
>>> Regards
>>>
>>> Jakub
>>>
>>>
>> On the side of the CI being compromised, this does happen, typically with
>> authed private hosted CI, like Jenkins. But if it's open and accessible to
>> everyone to monitor, such as GitHub Actions, everyone can monitor and audit
>> the build logs to verify the commands ran and nothing unexpected happened
>> during build.
>>
>> That is something PHP is missing atm, no one can verify the build process
>> for releases.
>>
>
> Yes, that's what I was suggesting. This should be done by RM. In that way,
> the RM becomes more someone that verifies the build and not the actual
> person that provides the build.
>
> Regards
>
> Jakub
>
>
>
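The "RM verifies the CI build, then signs" flow discussed in the quoted thread, as an added example that is not code from the thread or from the PHP project: a Python check that compares a CI-produced release tarball against the RM's own rebuild and reports whether signing is justified, and if not, whether the drift is metadata-only or a real difference in shipped files. All archive names, paths and contents are constructed.

```python
import hashlib, io, os, tarfile, tempfile

def file_digest(path):
    """Byte-level SHA-256 of a whole artifact, the value an RM would sign and publish."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def member_digests(path):
    """SHA-256 per regular file inside a tar; ignores mtime/uid/order metadata."""
    out = {}
    with tarfile.open(path, "r:*") as tar:
        for m in tar.getmembers():
            if m.isfile():
                out[m.name] = hashlib.sha256(tar.extractfile(m).read()).hexdigest()
    return out

def compare_builds(ci_tarball, rm_tarball):
    """Return (reproducible, differing_members). Sign only when reproducible is True;
    otherwise the list names members whose contents differ (empty = metadata only)."""
    if file_digest(ci_tarball) == file_digest(rm_tarball):
        return True, []
    ci, rm = member_digests(ci_tarball), member_digests(rm_tarball)
    return False, sorted(n for n in set(ci) | set(rm) if ci.get(n) != rm.get(n))

def make_tarball(path, files, mtime):
    """Constructed sample input: {name: bytes} into an uncompressed tar with a fixed mtime."""
    with tarfile.open(path, "w") as tar:
        for name, data in sorted(files.items()):
            info = tarfile.TarInfo(name)
            info.size, info.mtime = len(data), mtime
            tar.addfile(info, io.BytesIO(data))

def demo():
    """Constructed scenarios: identical rebuild, timestamp-only drift, real source change."""
    d = tempfile.mkdtemp()
    src = {"php-example/main/main.c": b"int main(void){return 0;}\n",
           "php-example/NEWS": b"- constructed sample release\n"}
    bad = dict(src, **{"php-example/main/main.c": b"int main(void){return 1;}\n"})
    paths = {k: os.path.join(d, k + ".tar") for k in ("ci", "rm", "drift", "bad")}
    make_tarball(paths["ci"], src, 1700000000)
    make_tarball(paths["rm"], src, 1700000000)
    make_tarball(paths["drift"], src, 1700000999)
    make_tarball(paths["bad"], bad, 1700000000)
    return {k: compare_builds(paths["ci"], paths[k]) for k in ("rm", "drift", "bad")}
```

Calling `demo()` yields `(True, [])` for the identical rebuild, `(False, [])` for the timestamp-only drift, and `(False, ["php-example/main/main.c"])` for the changed source; only the first case should be signed.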
