the country doing the most cyber attacks wants to do its own linux forks. what could possibly go wrong
with blackjack and hookers
They haven’t been removed from the community though — just the maintainers list. Now they need someone else’s review to commit code to the kernel.
Personally, I think even maintainers should be required to have that — you can be the committer for pre-reviewed code from others, but not just be able to check anything you want in, no matter your reputation (even if you’re Linus). That way a security breach is less likely to cause havoc.
I find that difficult. Aside from code reviews, often times your job as a maintainer is:
- getting a refactor or code cleanup in while everyone’s asleep
- shuffling commits around between branches
- fixing the CI toolchain
- rolling back or repairing a broken change
- unfucking the repo
- fixing a security vulnerability
A required review slows all of these tasks to a crawl. I do agree that the kernel is important enough that it might be worth the trade-off.
But at the same, I do not feel like I could do my (non-kernel) maintainer job without direct commit access…
Good for them.