That's flexible! Does this flexibility derive from have a simpler threat model at Netflix? How damaging would insider risk be?
I'm not aware of any public tooling, but I see Google has a version discussed in https://research.google/pubs/pub50130/ .
The article mentions: > We build packages in package groups, to take into account separate packages that need to be upgraded together. Once the whole group has been built, we run a virtualized test suite to make sure…
When I review code I prefer to do it blind, not knowing who the author is. This keeps me honest, and allows me to keep standards high without the author thinking I'm giving them an unfair hard time.
That's flexible! Does this flexibility derive from have a simpler threat model at Netflix? How damaging would insider risk be?
I'm not aware of any public tooling, but I see Google has a version discussed in https://research.google/pubs/pub50130/ .
The article mentions: > We build packages in package groups, to take into account separate packages that need to be upgraded together. Once the whole group has been built, we run a virtualized test suite to make sure…
When I review code I prefer to do it blind, not knowing who the author is. This keeps me honest, and allows me to keep standards high without the author thinking I'm giving them an unfair hard time.