Author: Drak 2014-08-23 12:05:17
Published on: 2014-08-23T12:05:17+00:00
Pieter Wuille suggested using Github as an easy-access mechanism to contribute and inspect, while having a higher security standard for actual changes done to master. Git uses the previous hash as part of the formula to generate the current commit hash, making tampering instantly noticeable. Collusion or strong arming of Github won't allow tampering with repositories without being discovered, as pushes would fail, and even simple merges would bork. The social benefits of Github make it ideal for open-source projects that want community participation, with a low barrier to entry. The only weak spot is the releases section, but since Bitcoin isn't distributed from Github, the point is moot. Although Github's issue tracker may not be sophisticated, it serves well and is productive. Moving away from Github would be disastrous for the project, and the attack surface of using Github is small and wouldn't go unnoticed, thus nullifying concern.
Updated on: 2023-06-09T02:21:50.689611+00:00