Limiting who can create v${NUMBER}.${NUMBER}.${NUMBER} tags in KDE Applications git repos
Rolf Eike Beer
kde at opensource.sf-tec.de
Mon Jun 25 06:57:55 UTC 2018
Am 2018-06-24 22:56, schrieb Albert Astals Cid:
> Hi, would anyone be against limiting who can create
> v${NUMBER}.${NUMBER}.${NUMBER}
> i.e. tags that look like our release tags to members of the release
> team for
> the KDE Applications git repositories?
>
> Rationale: Some distros build from git tags so creating a "release
> looking
> tag" is for them like "using the release tarball" and we already limit
> who can
> upload release tarballs to the download.kde.org so it would be a
> similar
> restriction but for the git side.
This sounds sane to me. Simply require those tags to be signed by
$key_in_known_good_list.
Eike
More information about the release-team
mailing list