Mic92
commented
6 years ago From irc:
16:26:50
I'd vote for using the same tooling as the one being developed for https://github.com/NixOS/rfcs/pull/34 , as it's being designed exactly for this, but maybe it's too “long-term” and a bot to mark commits as “reviewed” would do it too? 16:27:15 (though if we start reviewing NUR… why not integrate with nixpkgs straight away? unless the issue is one with nixpkgs' license?) 16:30:02 <@Mic92> It would be not the same level of review we do for nixpkgs. 16:30:33 <@Mic92> Also we want to allow more experiements in NUR. 16:31:04 <@Mic92> Like opionated patches, large package sets and old version of packages. 16:31:41 hmm yeah ok :) 16:32:32 <@Mic92> The reviewed channel would be also an alternative way of fetching NUR. The default channel would be still unreviewed and non-blocking. 16:36:10 <@Mic92> ekleog: if this tool gets ever implemented, I will consider using it. Otherwise I will extend our current travis with a custom job, which is not hard to do. 16:36:57 <@Mic92> This needs to be done anyway so the tooling developed in this rfc would be orthogonal
Since we have now IRC notification we could add a bot to mark revisions as reviewed. This would result in advancing a reviewed channel. During the review we would verify there was no obvious malicious code added to NUR. With the current update frequency/amount this should be feasible and we should be able to review changes multiple times a day.