You make a valid point, however it requires more context. I mean... you do realize that it's very easy to set up a construction using a specific refspec which makes sure that you don't pull it directly onto the master but another (sub)branch instead?

Or... what if the project makes sure that only production-worthy code gets onto the master branch and everything else remains limited to the dev branches?

Ergo: you can pull code onto a production server, but that is no guarantee that it will also immediately go live right away.

Still, how is this any different from, say, a server pulling packages directly from a repository? It doesn't have to pose any risks, depending on context.

You make it sound as if this construction is always a bad idea, but it doesn't have to be.
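
The refspec arrangement mentioned in the comment above, as an added example that is not part of the original post: a fetch refspec on the production checkout lands upstream `master` in a separate local branch, so fetched code only goes live after an explicit fast-forward. The repository names `upstream` and `prod`, the branch name `incoming`, and the file `app.txt` are assumptions, built in a temporary directory.

```shell
#!/bin/sh
# Added example: constructed throwaway repos; "upstream", "prod" and
# "incoming" are hypothetical names, not taken from the discussion.
demo_refspec_staging() (
    set -e
    work=$(mktemp -d)
    g="git -c user.name=demo -c user.email=demo@example.invalid -c commit.gpgsign=false"

    # Constructed upstream repository with one release on master.
    $g init -q "$work/upstream"
    $g -C "$work/upstream" symbolic-ref HEAD refs/heads/master
    echo v1 > "$work/upstream/app.txt"
    $g -C "$work/upstream" add app.txt
    $g -C "$work/upstream" commit -q -m "release v1"

    # "Production" checkout serving master.
    $g clone -q "$work/upstream" "$work/prod"
    # Replace the default refspec: upstream master is fetched into the
    # local branch "incoming", never into the checked-out branch.
    $g -C "$work/prod" config remote.origin.fetch \
        '+refs/heads/master:refs/heads/incoming'

    # Upstream publishes a new commit; production fetches it.
    echo v2 > "$work/upstream/app.txt"
    $g -C "$work/upstream" commit -q -a -m "release v2"
    $g -C "$work/prod" fetch -q origin

    live=$(cat "$work/prod/app.txt")                     # still serving v1
    staged=$($g -C "$work/prod" show incoming:app.txt)   # v2 is only staged

    # Going live is a separate, explicit step that can sit behind review
    # or signature checks; --ff-only refuses anything but a clean advance.
    $g -C "$work/prod" merge -q --ff-only incoming >/dev/null
    promoted=$(cat "$work/prod/app.txt")

    rm -rf "$work"
    echo "$live $staged $promoted"
)

# Prints the live content before promotion, the staged content, and the
# live content after promotion.
demo_refspec_staging
```

The same separation is what makes the package-repository comparison hold: fetching is decoupled from deploying, and the promotion step is where integrity and approval checks belong.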

