Jeff King <peff@xxxxxxxx> writes:

> On Thu, Apr 28, 2016 at 09:09:44AM -0700, Stefan Beller wrote:
>
>> > I think the key thing with a blacklist is somebody has to go to the work
>> > to audit the existing keys.
>>
>> Would it be sufficient to wait until someone screams at the mailing list
>> for some key to be blacklisted? (I mean in the short term that would be
>> of less quality, but relying on the larger community would result in a better
>> end result? So your going through is just a jump start to this process of
>> listening to the community?)
>
> Yeah, I think ultimately we will rely on the community. But I would feel
> a lot more comfortable if somebody made at least a single pass.
>
> I'll be curious what Junio says, too. I generally defer to him on how
> conservative we want to be in cases like this.

Starting from an empty whitelist and waiting for people to scream with
valid use cases would automatically give us the single pass to identify
the set of essential ones that users must be able to pass, no?

Of course, the screamed proposal to add something to the whitelist must be
vetted (i.e. "yeah, we can see passing X in _your_ use case might be
useful, but here are downsides (e.g. security implications) of allowing
X in other use cases"). And we might even find that it is insufficient
safety to allow/disallow per variable name during that discussion, in
which case the choice between whitelist and blacklist becomes moot.

--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
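The policy Junio describes above, an empty whitelist that grows only through vetted additions, contrasted with a blacklist that lets every unaudited key through, as an added illustration that is not code from the thread or from the Git project. The key names and the two policy tables are constructed for the example; the only Git-specific behaviour assumed is that section and variable names in a config key are case-insensitive while a subsection name is case-sensitive. The per-key validator slot is the hook for the case Junio mentions at the end, where deciding purely by variable name is not enough.

```python
"""Allowlist vs. denylist filtering of config entries handed to a child process.

Constructed example: the policy tables below are illustrative, not Git's.
"""
from typing import Callable, Dict, List, Optional, Tuple

# Constructed allowlist: normalized key -> optional validator for the value.
# A None validator means any value is accepted once the key is approved.
ALLOWLIST: Dict[str, Optional[Callable[[str], bool]]] = {
    "user.name": None,
    "user.email": None,
    # Example of a key where the name alone is not enough: the value is
    # constrained as well, so a vetted key still cannot carry junk through.
    "http.sslverify": lambda v: v.lower() in ("true", "false"),
}

# Constructed denylist: only keys somebody has already audited and rejected.
DENYLIST = {"example.knownbad"}


def normalize_key(key: str) -> str:
    """Fold section and variable name to lower case; keep subsection as-is."""
    parts = key.split(".")
    if len(parts) < 2 or not parts[0] or not parts[-1]:
        raise ValueError(f"malformed config key: {key!r}")
    section, variable = parts[0].lower(), parts[-1].lower()
    subsection = ".".join(parts[1:-1])  # empty when there is no subsection
    return ".".join(p for p in (section, subsection, variable) if p)


def parse_entry(entry: str) -> Tuple[str, str]:
    """Split 'key=value'; a bare 'key' is treated as boolean true (simplified)."""
    key, sep, value = entry.partition("=")
    return key.strip(), value if sep else "true"


def filter_allowlist(entries: List[str]) -> Tuple[List[str], List[Tuple[str, str]]]:
    """Default deny: an entry passes only if its key is approved and its value validates."""
    passed: List[str] = []
    rejected: List[Tuple[str, str]] = []
    for entry in entries:
        key, value = parse_entry(entry)
        nkey = normalize_key(key)
        if nkey not in ALLOWLIST:
            rejected.append((entry, "not on allowlist"))
            continue
        validator = ALLOWLIST[nkey]
        if validator is not None and not validator(value):
            rejected.append((entry, "value failed validation"))
            continue
        passed.append(f"{nkey}={value}")
    return passed, rejected


def filter_denylist(entries: List[str]) -> Tuple[List[str], List[Tuple[str, str]]]:
    """Default allow: everything passes unless somebody already audited the key."""
    passed: List[str] = []
    rejected: List[Tuple[str, str]] = []
    for entry in entries:
        key, value = parse_entry(entry)
        nkey = normalize_key(key)
        if nkey in DENYLIST:
            rejected.append((entry, "on denylist"))
            continue
        passed.append(f"{nkey}={value}")
    return passed, rejected


# Constructed sample input, as a caller might pass it through to a child process.
SAMPLE_ENTRIES = [
    "User.Name=Example Person",   # approved key, mixed case in the name
    "http.sslVerify=false",       # approved key, valid value
    "http.sslVerify=maybe",       # approved key, value fails validation
    "example.knownBad=1",         # audited and rejected under both policies
    "example.unaudited=anything", # nobody has looked at this key yet
]


def compare_policies(entries: List[str] = SAMPLE_ENTRIES) -> Dict[str, List[str]]:
    """Return what each policy would forward; the unaudited key shows the difference."""
    allow_passed, _ = filter_allowlist(entries)
    deny_passed, _ = filter_denylist(entries)
    return {"allowlist": allow_passed, "denylist": deny_passed}


if __name__ == "__main__":
    for policy, forwarded in compare_policies().items():
        print(f"{policy}: {forwarded}")
```

Running it shows the unaudited key reaching the child under the denylist but not under the allowlist; adding a validator to an allowlist entry is the point at which the decision stops being "per variable name" only.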