[cryptography] Just how bad is OpenSSL ?

Jeremy Stanley fungi at yuggoth.org
Mon Nov 5 10:17:28 EST 2012


On 2012-11-05 09:31:08 +0000 (+0000), Ben Laurie wrote:
> On Mon, Nov 5, 2012 at 5:07 AM, Nico Williams <nico at cryptonector.com> wrote:
> > It's just git, so keep multiple clone repos. You could use an
> > internal one as the master and push updates to the github one if
> > you don't trust github -- use github to serve outsiders.
> 
> That is exactly the plan.

For what it's worth, that's what we've been doing in the OpenStack
project (with some scripting to auto-close GitHub pull requests with
a message directing the contributor to our code review system). It's
been working quite well and keeps pull load off our overworked
master repository.
-- 
{ WHOIS( STANL3-ARIN ); WWW( http://fungi.yuggoth.org/ );
FINGER( fungi at yuggoth.org ); IRC( fungi at irc.yuggoth.org#ccl );
PGP( 43495829 ); MUD( kinrui at katarsis.mudpy.org:6669 ); }



More information about the cryptography mailing list