GitHub needs a 'build story'
We're still at the point where the binary (consumed) release of software(either as "github release"/docker image/npm package/OS repos' program) are independent of each other and not readily tightly coupled(technically).
To this end, I would like to see Github offer a 'build' functionality whereby the binary that is on the repo's 'Releases' page can only exist as a direct result of an action invoked on Github(viewable in the repo in whatever human readable format- "fileX")
The actual assembling & building may be carried out by trusted 3rd party who only can a) view the repo as of a certain SHA & b) - only follow instructions in fileX.
Comments & criticisms from all welcome.
Especially interested in responses by those who build releases for open source projects.
0 comments
[ 3.0 ms ] story [ 13.7 ms ] threadNo comments yet.