I am reading about this case in which a diff included in a commit message ended up being applied as well: https://github.com/i3/i3/pull/6564#issuecomment-3852166968
-
I am reading about this case in which a diff included in a commit message ended up being applied as well: https://github.com/i3/i3/pull/6564#issuecomment-3852166968
and it really makes me think. Folks often wonder why we have lexical undefined behavior. This is it folks, this is how old style tooling worked. In pipelines each part doing their own thing.
Modernized tools sets avoid these issues for the most part but yeah when everything is a text file these things can happen.
-
I am reading about this case in which a diff included in a commit message ended up being applied as well: https://github.com/i3/i3/pull/6564#issuecomment-3852166968
and it really makes me think. Folks often wonder why we have lexical undefined behavior. This is it folks, this is how old style tooling worked. In pipelines each part doing their own thing.
Modernized tools sets avoid these issues for the most part but yeah when everything is a text file these things can happen.
@shafik Reminds me of the XZ-systemd hack from a year or so ago. Our development tools and environments need to be as hardened as the code.
-
R relay@relay.mycrowd.ca shared this topic
