| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Stephen Frost <sfrost(at)snowman(dot)net> |
| Cc: | Dave Cramer <davecramer(at)gmail(dot)com>, Christophe Pettus <xof(at)thebuild(dot)com>, Dave Page <dpage(at)pgadmin(dot)org>, pbj(at)cmicdo(dot)com, "pgsql-www(at)lists(dot)postgresql(dot)org" <pgsql-www(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Relative security of Community repos and packages |
| Date: | 2021-07-29 14:23:31 |
| Message-ID: | 712348.1627568611@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
Stephen Frost <sfrost(at)snowman(dot)net> writes:
> Indeed, that comment didn’t seem to help clear things up. I’m guessing Dave
> is referring to the fact that we have a separate “gitmaster” server, which
> is also maintained by pginfra and is where committers actually push changes
> to, and then that is mirrored to git.postgresql.org. I didn’t check which
> repo the tarball building script pulls from (which is run on pginfra, in
> case anyone is wondering about that) and perhaps it pulls from gitmaster
> and not git.p.o.
It does pull from gitmaster. There are multiple reasons for this design,
but one is that a compromise of our public git server wouldn't imperil
the contents of the official tarballs.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Stephen Frost | 2021-07-29 15:27:58 | Re: Relative security of Community repos and packages |
| Previous Message | Stephen Frost | 2021-07-29 11:56:55 | Re: Relative security of Community repos and packages |