Re: Cosmetic changes commits as a potential security risk (was Re: Questionable "cosmetic changes" commits)

["Raghav Gururajan" via "Development of GNU Guix and the GNU System distribution." <guix-devel@gnu.org>]

Hi Mark!

> Thanks for the explanation.
> 
> Please keep in mind that every comment in Guix was deliberately put
> there by a Guix developer, which means that at least one developer
> thought the comment was worth including.
> 
> I'm concerned that you felt so confident in your assessment that these
> comments were superfluous that you felt justified in removing them
> without telling anyone, let alone asking your mentors if they agreed.
> 
> My larger concern is that these removals were effectively hidden within
> a commit that ostensibly only rearranged and reindented code.

My apologies, I should have mentioned in the commit message. Anyway, I will be deferring from removing any existing comments. 

> It occurs to me that commits that rearrange or reindent code are a
> potential security risk, because they obscure other changes made within
> the same commit. Even developers who try to keep an eye on changes
> being made to Guix tend to simply *assume* that commits like these are
> what they claim to be, because it's too tedious to verify them.
> 
> If we allow unannounced changes to be obscured within "cosmetic changes"
> commits without reprimand, we invite the future possibility of
> deliberate corruption of our code base via such commits, by attackers
> who have compromised our developers' machines or signing keys.

I see. I haven't thought about this, but will consider it.

Thanks!

Regards,
RG.