On Sunday, 31 March 2024 20:12:38 CEST Kevin Kofler via devel wrote: > * Deleting ALL unit tests in %prep (and then of course not trying to run > them later). I strongly oppose this suggestion. While it would have prevented this particular backdoor as a side-effect, the primary effect of going without unit tests would be an outsize hole in Fedora's QA. As maintainer of the mold package, I regularly come across failures in %check, mostly in the builds for secondary architectures. This allows me to help upstream - a one-person project with limited resources - fix these bugs before Fedora ships the package. Moreover, %check has already caught bugs that only manifest themselves with Fedora's compile flags. Here's an example: https://github.com/rui314/mold/pull/877 You used the term 'pointless security theatre' in another email within this thread. *This* would be a prime example. Best, Christoph
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
