Re: your first question: the buildbot process does not push, and b) 3rd party people/organizations do not have push authority, so your concern is not not about buildbot - but github and who can push into it (regardless of whether it is part of buildbot testing or not).
As to your second question: the security in place will depend on what that party considers adequate for the task; if you find a security bug in the buildbot package - post there as an issue, better publish a pull request.
On 28/01/2020 07:40, A via Python-Buildbots wrote:
I'm concerned with the security of buildbots which are provided by third-party individuals and organisations.
- What if the buildbots would infect the builds with malware or whatever else?
- What type of security precaution is in place?
Python-Buildbots mailing list -- python-buildbots@python.org To unsubscribe send an email to python-buildbots-leave@python.org https://mail.python.org/mailman3/lists/python-buildbots.python.org/