Topics

"Does everything need to get code reviewed?"

This is routinely asked in feedback on the security training course; I'm in the process of composing a FAQ and would like to hear opinions from the group on this one.

Small doesn’t necessarily mean innocuous.  But being explicit about what kind of small changes we’re okay with would be better than a blanket "trust the developer" statement. For example:

  • Typos in strings

  • Fixing comments

  • Documentation

  • Other things?

(Note: this is specifically for non-PCI-scope - there will be a separate FAQ for PCI-scope)