What’s the new hotness in protecting JS from being changed for one user?
Sure, but there's no need to publish it, right? You can get more benefit from hiring someone to reproduce it for you and double checking your build server wasn't compromised. That way you *know* someone will check rather than just hoping the public will do it for you.
-
-
It must be automated IMO.
-
Maybe, but you *have* to trust the vendor anyway, and if you don't trust them to tell the truth that they're checking the build server, then you can't trust them not to insert bugdoors... right?

- 19 more replies
New conversation -
-
-
I've just realised that if you only build every change/merge, then, when do you reproduce a build except in these circumstances?
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
