On Thu, Feb 16, 2012 at 6:20 AM, kcrisman <[email protected]> wrote: > Sorry, my RSS feed is broken for sage-devel so I didn't see that this > thread had had lots of horrible things patchbot can do :) > >> > On a related note, an option to have patchbot only test files actually >> > changed in the patches would be useful. Obviously this would not be >> > the default! But it could be useful for running "sage --patchbot >> > ticket --ticket-doctests-only" in the background for a quick one-liner >> > to check that. >> >> I would think that these are the set of files that would be most >> likely to be tested by a user before submitting... the advantage of > > Haha. You'd be surprised. But I was thinking more along the lines of > different architectures/looking for noise.
True. >> the patchbot is that it tests everything, catching unexpected >> breakages, and doing the long-running work without manual >> intervention. But this could be useful for running it manually (but >> should *not* give an "all tests passed" result until all tests are >> run). > > Well, that would be feature request in any case. But is there syntax > yet for doing > > sage --patchbot -t 12345 > > ? This would seem to solve the problem of having to manually add > patch files (I assume this would one of the advantages of the "pull" > system) and then automatically tests them to boot. This is really getting into the fact that our workflow is so cumbersome we want to adapt the patchbot to do stuff like this. > Then one could > avoid the hacker problem. > > Of course, that sort of misses the point of the patchbot in general. > But VMs can't totally help, because presumably some of the point is > different/weird OS/architectures, right? Could there be a way to > strip for which user uploaded said patches and have a whitelist of > those, at least as a configuration item? Yes, that's implemented. By default it only tries patches uploaded from users who uploaded patches in previously merged tickets, but you can set the trusted_authors to any list of (trac) users you want. Being able to specify a list of trusted ticket numbers (taking a snapshot of the patches at that point) could be handy too. > (User names in the patch > itself could be easily faked, of course.) Or maybe a whitelist of > tickets... I don't know that anyone would want to maintain these, > though. The best option is signing patches and a whitelist of trusted users. We could even allow it to be transitive, i.e. I'll trust anyone that William trusts. And of course even then a separate account, etc. is still valuable. - Robert -- To post to this group, send an email to [email protected] To unsubscribe from this group, send an email to [email protected] For more options, visit this group at http://groups.google.com/group/sage-devel URL: http://www.sagemath.org
