Mark,
Option 1 isn't a very big concern since it's likely only developers working
on the restricted code will cause its hashes to permute.
Option 2 is precisely what we were thinking about doing. The concern,
though, is what happens when a developer who doesn't have access to the
code changes a
While this may not resolve your problem, these are my 0.2 cents.
I assume you already know this:
The hash does not need to be permuted between dependency updates, as
(e.g.) eglibc promises ABI and API stability between major releases
(like most Linux libraries).
This means that the hash has to
On 3/26/13 7:53 AM, Jerrod Peach wrote:
As part of my company's firmware builds, we have to build some code that only a
handful of developers are allowed to view. We call this restricted source code.
Getting our official system builds to build this code isn't a problem. What
is a problem is
