[ros-dev] Vote: code auditing

[Rick Langschultz]

I think Option B looks like the best plan of action. However people  
shouldn't have the ability to check out the tainted or potentially  
tainted source code. I think that once each module is audited the  
repository should be unlocked. That way developers can continue  
coding on particular pieces of ReactOS, unless they are under lock.  
Commiting code should be allowed _only_ after ReactOS has underwent a  
full code audit.
On Feb 16, 2006, at 4:36 PM, Ged Murphy wrote:

> Vote topic : Ensure code auditing is carried out
> Start date : 16/02/06
> Period : 7 days discussion, 7 days voting
>
> With the success of proposal B in the recent vote and the old  
> repository reopening for business, we need to discuss ways to  
> ensure the code is audited and doesn't take a backseat.
>
> Following the correct voting procedure, there will be a 7 day  
> discussion period, followed by a 7 day voting period.
> Until this decision is made, I propose for the repository to be  
> fully open, with developers being diligent with their actions.
>
> This topic has been discussed somewhat between developers, although  
> not extensively.
> Two viable proposals have so far been put forward and are as follows :
>
> A - The repository is completely open to all development and  
> ReactOS developers must take it upon themselves to ensure all code  
> is audited.
>
> B - Sections of ReactOS which require auditing are 'locked', that  
> being that the source is fully available to download and build, but  
> no development work should be undertaken until the said code has  
> passed the audit. The lock will be removed only when that section  
> of code has been audited.
>
>
> Discussion of these topics and any further proposals should be in  
> reply to this topic.
>
>
> _______________________________________________
> Ros-dev mailing list
> Ros-dev at reactos.org
> http://www.reactos.org/mailman/listinfo/ros-dev