Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2025-01-13 16:29:59 -05:00
Code Issues Packages Projects Releases Wiki Activity

contrib: improvements from Marek's comments

Browse Source
This commit is contained in:
Frédéric Pierret (fepitre) 2019-11-11 17:35:34 +01:00
parent a550680600
commit 96069def46
No known key found for this signature in database
GPG Key ID: 484010B5CDC576E2
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
developer/general/package-contributions.md
View File

@ -74,9 +74,11 @@ The review procedure is as follows:
In all the cases, the first condition to be validated by the QCR's review is to ensure that the contribution **will not** hijack any core packages of [QubesOS] and of course, none of the [QubesOS-contrib] packages too. More precisely, particular attention to the whole build pipeline will be made with a specific review of: In all the cases, the first condition to be validated by the QCR's review is to ensure that the contribution **will not** hijack any core packages of [QubesOS] and of course, none of the [QubesOS-contrib] packages too. More precisely, particular attention to the whole build pipeline will be made with a specific review of:
- Package dependencies, - Package dependencies,
- Build scripts, - Build scripts (including downloaded ones),
- All downloaded components should be verified against static hash,
- RPM/DEB installation scripts (e.g. looking at constraints who would hijack other packages), - RPM/DEB installation scripts (e.g. looking at constraints who would hijack other packages),
- Makefiles, - Makefiles,
- Package build [reproducible]
and any steps which would result in partial/total compromise of legitimate components. and any steps which would result in partial/total compromise of legitimate components.
@ -104,4 +106,4 @@ If you do not act on your maintainer duties for a given package for an extended
[QubesOS]: https://github.com/QubesOS [QubesOS]: https://github.com/QubesOS
[QubesOS-contrib]: https://github.com/QubesOS-contrib [QubesOS-contrib]: https://github.com/QubesOS-contrib
[qubes-issues]: https://github.com/QubesOS/qubes-issues/issues/ [qubes-issues]: https://github.com/QubesOS/qubes-issues/issues/
[reproducible]: https://reproducible-builds.org/