Because then you protect against a compromised/misbehaving developer workstation. No matter what the individual developer does, the server will prevent a PR being merged if it doesn’t pass the server-enforced checks.
Running builds on a designated server would also protect against malware on a developer’s machine silently embedding itself into the resulting artifact and then deployed to production.
alt Hacker News
Because then you protect against a compromised/misbehaving developer workstation. No matter what the individual developer does, the server will prevent a PR being merged if it doesn’t pass the server-enforced checks.
Running builds on a designated server would also protect against malware on a developer’s machine silently embedding itself into the resulting artifact and then deployed to production.