blob: 052d5b2557cf3de58fa87e52e1ff27487d8b9358 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
---
features:
- |
A new pipeline attribute,
:attr:`pipeline.allow-other-connections`, has been added
to ensure that only changes from connections which
are mentioned in the pipeline configuration (such as triggers,
reporters, or pipeline requirements) are enqueued.
security:
- |
Non-live items are now subject to pipeline requirements for
independent pipelines.
Previously, an optimization for independent pipelines skipped
checking that a change met the pipeline requirements. If an
independent pipeline is intended only to run reviewed code, this
could allow running unreviewed code by updating dependent changes.
Now both non-live and live items are subject to pipeline
requirements in all pipeline managers.
- |
The new `allow-other-connections` pipeline configuration option
may now be used to ensure that only changes from connections which
are mentioned in the pipeline configuration (such as triggers,
reporters, or pipeline requirements) are enqueued. This allows
the construction of a pipeline where, for example, code review
requirements are strictly enforced, even for dependencies which
are not normally directly enqueued.
|
