lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Jul 2023 19:47:31 -0400
From: Konstantin Ryabitsev <konstantin@...uxfoundation.org>
To: Jakub Kicinski <kuba@...nel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>, 
	Joe Perches <joe@...ches.com>, Krzysztof Kozlowski <krzysztof.kozlowski@...aro.org>, 
	geert@...ux-m68k.org, gregkh@...uxfoundation.org, netdev@...r.kernel.org, 
	workflows@...r.kernel.org, mario.limonciello@....com
Subject: Re: [PATCH v2] scripts: get_maintainer: steer people away from using
 file paths

On Wed, Jul 26, 2023 at 02:57:21PM -0700, Jakub Kicinski wrote:
> > The patchwork notification could be just a small note (the same way
> > the pull request notes are) that point to the submission, and say
> > "your name has been added to the Cc for this patch because it claims
> > to fix something you authored or acked".
> 
> Lots of those will be false positives, and also I do not want 
> to sign up to maintain a bot which actively bothers people.

I feel seen.

> And have every other subsystem replicate something of that nature.
> 
> Sidebar, but IMO we should work on lore to create a way to *subscribe*
> to patches based on paths without running any local agents. But if I
> can't explain how get_maintainers is misused I'm sure I'll have a lot
> of luck explaining that one :D

I just need to get off my ass and implement this. We should be able to offer
the following:

- subsystem maintainers come up with query language for what they want
  to monitor (basically, whatever the query box of lore.kernel.org takes)
- we maintain a bot that runs these queries and populates a public-inbox feed
- this feed is available via read-only pop/imap/nntp (pull subscription)
- it is also fed to a mailing list service (push subscription)

The goal is to turn the tables -- instead of patch submitters needing to
figure out where the patch needs to go (via get_maintainer or similar
scripts), they just send everything to lkml or patches@...ts.linux.dev and let
the system figure out who needs to look at them.

That's for the part that I was already planning to do. In addition, coming
back to the topic of this thread, we could also look at individual patches
hitting the feed, pass them through any desired configuration of
get_maintainer.pl, and send them off any recipients not already cc'd by the
patch author. I believe this is what you want to have in place, right, Jakub?

-K

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ