• @[email protected]
      49 months ago

      After I posted it, I found another discussion where it looks like mbin policy is that anyone can merge anyone else’s PR.

      As a software developer, that actually sounds really scary.

        • @[email protected]
          18 months ago

          There is a saying that if civil engineers built houses the same way software engineers build software, the first woodpecker would destroy the whole civilization.

          In reality it is not easy to build good software, and it can be fragile even with good practices. This approach allows anyone’s code to be merged without much supervision.

          Another thing (and I even noticed myself doing it, even though normally I think of myself as a perfectionist) is that when one contributes a feature to a project that they don’t maintain, they think only about the feature and the easiest way of implementing it, which isn’t necessarily the best way to implement something long term: it adds complexity and makes it harder to add more features and much easier to accidentally create bugs.

          Third, preventing security vulnerabilities is hard even with good practices; someone could accidentally (or purposely) introduce a security vulnerability.