Add a file size limit #66
Comments
|
Is this an actual problem? I have not seen anyone trying to do this so far in a all the pull reuqests I have seen so far. |
|
I think when we roll this out to PRs beyond r-ryantm, we probably have a "trusted" maintainers set as far as I remember, who can be hopefully trusted enough to not do this. |
I know of at least one case were it happened by accident. And the more people we give access the more likely something like this might happen again and it also increases the risk of someone with malicious intended might try to bloat the git history.
oh maybe I misunderstood, but my understanding was that at some point every package maintainer should be allowed to merge update pr's by themselves. |
|
Since historically, we didn't had maintainers with extended privileges, we need some transition phase from the old system to the new system. |
|
I guess what Janik is trying to say we should enforce some type of checking for file size limits so people do not add a binary blob with a size of 5gb without review. |
|
I guess no one should be allowed to do that. |
|
Two situations come to mind:
|
Do not allow merges if a file larger $size is in the pr to avoid people increasing the git history with pictures or similar.
Currently this isn't really relevant as long as only prs by r-ryantm are allowed but we need something like this if we rollout it out to more contributors.
The text was updated successfully, but these errors were encountered: