Author: Peter Todd 2013-10-04 12:14:15
Published on: 2013-10-04T12:14:15+00:00
In a discussion about code review on Bitcoin, Peter Todd highlighted the issue of rebasing pull requests multiple times until they are accepted, which can result in earlier code reviews becoming irrelevant. He also mentioned the risk of malicious code being introduced into the Bitcoin codebase. Arto Bendiken noted an example from 2003 where a missing character was used to backdoor the Linux kernel, emphasizing the need for careful review. Peter suggested a system where code review discussions could be PGP signed and combined with git's per-commit signature mechanism to ensure safety. However, he acknowledged that this system is still a long way off and suggested focusing on making sure reviewers carefully examine the code that goes into the master branch.
Updated on: 2023-06-07T17:27:55.031759+00:00
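
An added example, not code from the original post or from Bitcoin's tooling: it computes commit and tree IDs the way git does, to show why a signed review statement has to name the exact commit it covers and how a rebase leaves an earlier ACK pointing at something that is no longer what gets merged. The file contents, parent IDs, author identity and the `review_status` labels are constructed for illustration; the PGP signature over the review statement itself is left out.

```python
import hashlib

def git_object_id(kind, body):
    # Git names an object by SHA-1 over "<kind> <size>\0" followed by its bytes.
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def tree_id(files):
    # Tree for a flat directory of regular files (mode 100644), sorted by name.
    body = b""
    for name in sorted(files):
        blob = bytes.fromhex(git_object_id("blob", files[name]))
        body += b"100644 " + name.encode() + b"\0" + blob
    return git_object_id("tree", body)

def commit_id(tree, parent, message):
    # Constructed identity and timestamp; real commits carry the author's own.
    ident = "Constructed Author <author@example.invalid> 1380888855 +0000"
    body = (f"tree {tree}\nparent {parent}\nauthor {ident}\n"
            f"committer {ident}\n\n{message}\n")
    return git_object_id("commit", body.encode())

def review_status(ack, head):
    # ack and head are (commit_id, tree_id) pairs; ack is what the reviewer signed.
    if ack[0] == head[0]:
        return "covered"                # the exact reviewed commit is being merged
    if ack[1] == head[1]:
        return "recommitted-same-tree"  # new commit id, identical file contents
    return "stale"                      # contents changed after the review

def demo():
    base = "1" * 40                     # constructed parent ids
    new_base = "2" * 40
    reviewed_files = {"check.c": b"if (limit == 0) return -1;\n"}
    changed_files = {"check.c": b"if (limit = 0) return -1;\n"}  # one character dropped
    t_ok, t_bad = tree_id(reviewed_files), tree_id(changed_files)
    ack = (commit_id(t_ok, base, "Add limit check"), t_ok)
    rebased = (commit_id(t_ok, new_base, "Add limit check"), t_ok)
    altered = (commit_id(t_bad, new_base, "Add limit check"), t_bad)
    return {"same": review_status(ack, ack),
            "rebased": review_status(ack, rebased),
            "altered": review_status(ack, altered)}

if __name__ == "__main__":
    print(demo())
```

Only `covered` means the earlier review still applies as signed. `recommitted-same-tree` says the files match what was reviewed, but the parent history changed and still needs a look.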