Hi guys,
I am wondering if we can automate the process of making sure that addon
sconstructfiles don't change. Many reviewers might not realize, but
sconstruct file and buildvars are just as important to code review. They
run python code, and can insert whatever they want into the addon. I am
tempted to write automatic code review infrastructure to hash the
sconstruct and check it against a golden sconstruct. Also, we could
ensure if it changes between versions, the build fails until we update
the hash after a code review. In this way, the author doesn't insert
some folder on their local machine into the official add-on. Also,
should we provide a community guideline that says the official build
cannot be built by the author?
Just some thoughts, I have never seen an evil sconstruct, this is purely
theoretical.
--
------------------------------------------------------------------------
Derek Riemer
* Department of computer science, third year undergraduate student.
* Proud user of the NVDA screen reader.
* Open source enthusiast.
* Member of Bridge Cu
* Avid skiier.
Websites:
Honors portfolio <http://derekriemer.com>
Awesome little hand built weather app!
<http://django.derekriemer.com/weather/>
email me at derek.riemer@xxxxxxxxxxxx <mailto:derek.riemer@xxxxxxxxxxxx>
Phone: (303) 906-2194