
Commit

Update docs/spec/draft/threats.md
Signed-off-by: Zachariah Cox <[email protected]>
zachariahcox authored Dec 4, 2024
1 parent fcd0db8 commit cc9df6e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion docs/spec/draft/threats.md
Expand Up @@ -213,7 +213,7 @@ Intermediate revisions don't count as being reviewed and are not added to the pr

*Example:* Adversary sends a pull request containing malicious commit X and benign commit Y that undoes X.
The produced diff of X + Y contains zero lines of changed code and the reviewer may not notice that X is malicious unless they review each commit in the request.
If X is allowed to become reachable from the protected branch, the content may become available in secured contexts, such as developer machines and vulnerable to exploits.
If X is allowed to become reachable from the protected branch, the content may become available in secured environments such as developer machines.

Solution: The code review tool does not merge contributor-created commits, and instead merges a single new commit representing only the reviewed "changes from all commits."
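
Review bot: The replacement for the sentence beginning "If X is allowed to become reachable from the protected branch" drops the consequence together with the ungrammatical "and vulnerable to exploits" clause, so the example now says only that the content "may become available" and no longer says why that is a threat. Consider keeping the harm explicit, for example "the content may become available in secured environments, such as developer machines, where it could be exploited", so the example still motivates the Solution paragraph that follows it. The comma before "such as" was also dropped and reads better restored.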

