New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adventure 001 Day 02 Retrospective #200
Comments
|
Rough start, I think.
|
@kotp I will be on the lookout for rubysteps.com links - those are intended for people who have not signed up for the list emails yet. All the main information should be in the repo... |
@kotp "rough start" but getting better is the story of my life... :) |
What if somebody put into his folder somekind of malware? When i sync with upstream i'll get that thing on my computer? What should we do with this? |
Just don't run anyone else's code and you should be fine |
It is stil dangerous, no? |
@reignmaker that's a really great point - and something that I've thought about a bit. It's why nothing gets automatically merged... it all requires me to take a look at, and be on the lookout for anything. There's a trust inherent in open source. Think of how much software you're running where you haven't looked at the code... it's kind of scary. @RobAWilkinson is right - you don't run code unless you understand it. So in a scenario where someone uploads malware... first, you shouldn't run something unless you know exactly what it does! So in a sense, you're protected - unless you do something kind of foolish. Second, we currently have me reviewing all pull requests. The more that people pitch in there, the more protected we are. Finally, I generally assume that people involved in this project are well-intentioned and want to help others rather than harm them. That's not everyone in the world, of course, but it's a good default for this project. So we have three levels of responsibility here:
It's possible that this project eventually gets too big for me to handle. That means I'll need to enlist others to help out. That means trusting them... based on my experience with them. Thanks for bringing this up. It's an important issue that I've thought about, and I'd love to know what others think about it. |
Day 02 is now completed. Please see #223 for the day 03 retrospective.
The text was updated successfully, but these errors were encountered: