[isabelle-dev] Jenkins maintenance

Lawrence Paulson lp15 at cam.ac.uk
Thu Oct 6 15:25:51 CEST 2016


I have wanted to keep out of this rather fraught discussion, but I agree on this issue. How dangerous it is depends on how critical those secrets are. And I’m perfectly aware that key management can be difficult and maybe there is little point if only one instance of this thing is running. Still, it isn’t ideal.

Larry

> On 6 Oct 2016, at 13:00, Makarius <makarius at sketis.net> wrote:
> 
> Putting secrets into a repository is a bad idea -- they stay there
> forever, even if they are "deleted" in some versions. When it is clone
> eventually, secrets will leak.




More information about the isabelle-dev mailing list