mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
14604 - Adding suggested comments related to securing Galaxy role versions
This commit is contained in:
parent
fa630872d9
commit
11c1814146
1 changed files with 1 additions and 0 deletions
|
@ -125,6 +125,7 @@ Here's the approach:
|
|||
'name': 'repo’
|
||||
}
|
||||
```
|
||||
- For roles installed from Galaxy, Galaxy should provide some measure of security against version change. Galaxy should track the commit related to a version. If the role owner changes historical versions (today tags) and thus changes the commit hash, the affected version would become un-installable.
|
||||
|
||||
- Refactor the install process to encompass the following :
|
||||
|
||||
|
|
Loading…
Reference in a new issue