I read through it by clicking the “next” link at the bottom. There isn’t a single email explaining it; it’s a story you have to read through to understand.
If you jump to the last message, it’s someone saying they had the same issue.
But, TL;DR a tool kernel devs use has surprising behavior that’s biting people, and can alter the commit history to be a pack of lies that looks suspiciously like malicious intent.
The thread doesn’t mention how or if the tool has been changed. The tool is b4.
It’s pretty annoying to read the mailing list, I agree. There’s a very small hyperlink that says “next” that’s right below the message body. If you click that, you can read the next message in the chain. Keep doing that until you get to the end, and yeah, it looks like this was resolved and wasn’t actually malicious.
Readers: make sure you read the replies. This happened four days ago and has since been resolved.
Im a little unfamiliar with navigating this particular mailing list, where was this resolved?
I read through it by clicking the “next” link at the bottom. There isn’t a single email explaining it; it’s a story you have to read through to understand.
If you jump to the last message, it’s someone saying they had the same issue.
But, TL;DR a tool kernel devs use has surprising behavior that’s biting people, and can alter the commit history to be a pack of lies that looks suspiciously like malicious intent.
The thread doesn’t mention how or if the tool has been changed. The tool is
b4.Towards the bottom of that page is a tree with all the replies in the chain.
Here is one where they determined it was not malicious by examining the ref logs
https://lore.kernel.org/all/20250601-pony-of-imaginary-chaos-eaa59e@lemur/
See 2025-06-01 14:40 from Konstantin Ryabitsev. Navigation is just below the post.
It’s pretty annoying to read the mailing list, I agree. There’s a very small hyperlink that says “next” that’s right below the message body. If you click that, you can read the next message in the chain. Keep doing that until you get to the end, and yeah, it looks like this was resolved and wasn’t actually malicious.