@joeyh I think this is going to push me even further into the "no generated content in #git" camp. Got a weird binary bit of test data? Write down the steps you use to make it, write down the code that automates those steps, and include that instead, so you can generate the binaries on the fly as a part of the build/test cycle.
@atrus @joeyh@hachyderm.io I agree that is a good approach, and I try to do what whenever possible. Sometimes it is really time consuming to do that though.
@atrus @joeyh@hachyderm.io I think a more useful and realistic takeaway from the #xz #backdoor is that build systems should be clean, direct, simple, and easily readable. A key part was the m4 code in the build system that read the payload from the obfuscated test file. If the build system was easy to read, then it would have been a lot harder to do that.