- From: Tobie Langel <tobie@w3.org>
- Date: Mon, 21 Oct 2013 18:30:04 +0200
- To: Robin Berjon <robin@w3.org>
- Cc: "spec-prod@w3.org" <spec-prod@w3.org>
On Monday, October 21, 2013 at 4:26 PM, Robin Berjon wrote: > At FPWD, a static snapshot is also made. I say static because I'm > assuming that systems like ReSpec that generate things on the client > side become accepted in TR, for non-snapshots. Basically, FPWD (and the > other snapshot points) are *not* git SHAs. History can be rewritten in > git, which can be defended against but would be annoying. Instead they > really are snapshot exports of the repo. This also makes generating > static versions easier. I'm not sure I understand the attack vector you're describing here, nor why it wouldn't be easy to defend against it. Exporting the whole repo for every release seems to be both an annoyance to setup and an important feature loss (I'd love to have tags of each different maturity level bundled together when cloning the repo. --tobie
Received on Monday, 21 October 2013 16:28:39 UTC