Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:65647
Return-Path: <ml@anderiasch.de>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 51950 invoked from network); 4 Feb 2013 18:34:27 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 4 Feb 2013 18:34:27 -0000
Authentication-Results: pb1.pair.com smtp.mail=ml@anderiasch.de; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=ml@anderiasch.de; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain anderiasch.de from 81.169.138.148 cause and error)
X-PHP-List-Original-Sender: ml@anderiasch.de
X-Host-Fingerprint: 81.169.138.148 ares.art-core.org Linux 2.5 (sometimes 2.4) (4)
Received: from [81.169.138.148] ([81.169.138.148:58531] helo=mail.anderiasch.de)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C2/30-48414-28AFF015 for <internals@lists.php.net>; Mon, 04 Feb 2013 13:14:26 -0500
Message-ID: <510FFA7D.7070908@anderiasch.de>
Date: Mon, 04 Feb 2013 19:14:21 +0100
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
MIME-Version: 1.0
To: Ferenc Kovacs <tyra3l@gmail.com>
CC: =?UTF-8?B?Sm9oYW5uZXMgU2NobMO8dGVy?= <johannes@schlueters.de>, 
 Pierre Joye <pierre.php@gmail.com>,
 PHP Internals <internals@lists.php.net>
References: <cvs-account-2697@php.net> <CAH-PCH6mru=Yyt57Hp6f0TqAQmxMO5y-7pLVPyCzigJQbybfGQ@mail.gmail.com> <CAEZPtU7UjkwZoWDwkqBL+4zG9dyJsRaMGc9mt+1VjiW4djEKuw@mail.gmail.com> <CAH-PCH6sSU06-xd_PtcmhOpjS1V53CxtmXMT5V7L+nWB577gCA@mail.gmail.com> <510FF357.5050807@anderiasch.de> <CAH-PCH5_zJkvfK3o4rjxP8hB7FHGW9ymp+4-KTVeSmFGQoRtkg@mail.gmail.com> <1360001258.1856.24053.camel@guybrush> <CAH-PCH4GYAkuuY7U_GfFnshn1t_cxkECk1qwVx2ukG4CJc5z7A@mail.gmail.com>
In-Reply-To: <CAH-PCH4GYAkuuY7U_GfFnshn1t_cxkECk1qwVx2ukG4CJc5z7A@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [PHP-DEV] VCS Account Request: jenkins
From: ml@anderiasch.de (Florian Anderiasch)

On 04.02.2013 19:13, Ferenc Kovacs wrote:
> yeah, that would work also, but it has some of the concerns that were
> mentioned about the git push way:
> if you somehow compromise the jenkins box, you can get rouge commits to
> the jenkins git.php.net <http://git.php.net> repo.
> as I mentioned, I think I will use some 3rd party repo(github probably)
> for the configs and manually merge stuff to the web/jenkins repo on
> git.php.net <http://git.php.net> once in a while.


I omitted "if people are against giving the bot access" - that's why I
suggested GitHub - and I know it's usually only mirroring, but why not
add new repos for "different security contexts" there? (With a big "not
mirrored warning ofc")

Greetings,
Florian