lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20201203191731.bpzvwqfldhcjhzfy@chatter.i7.local>
Date:   Thu, 3 Dec 2020 14:17:31 -0500
From:   Konstantin Ryabitsev <konstantin@...uxfoundation.org>
To:     Joe Perches <joe@...ches.com>
Cc:     James Bottomley <James.Bottomley@...senpartnership.com>,
        Vlastimil Babka <vbabka@...e.cz>,
        "ksummit-discuss@...ts.linuxfoundation.org" 
        <ksummit-discuss@...ts.linuxfoundation.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [Ksummit-discuss] crediting bug reports and fixes folded into
 original patch

On Thu, Dec 03, 2020 at 08:55:54AM -0800, Joe Perches wrote:
> Perhaps automate a mechanism to capture that information as
> git notes for the patches when applied.

Git notes have a limited usefulness for this -- they are indeed part of 
the repository, but they aren't replicated unless someone does a 
--mirror clone (or specifically fetches refs/notes/*). If the goal is to 
improve visibility for contributors, then putting this info into a git 
note will hardly make more difference than providing a Link: that 
someone has to follow to a list archival service.

I can offer the following proposal:

- kernel.org already monitors all mailing lists that are archived on 
  lore.kernel.org for the purposes of pull request tracking 
  (pr-tracker-bot).
- in the near future, we will add a separate process that will 
  auto-explode all pull requests into individual patches and add them
  to a separate public-inbox archive (think of it as another 
  transparency log, since pull requests are transient and opaque).

We can additionally:

- identify all Link: and Message-Id: entries in commit messages, 
  retrieve the threads they refer to, and archive them as part of the 
  same (or adjacent) transparency log.

This offers an improvement over the status quo, because if 
lore.kernel.org becomes unavailable, someone would have to have access 
to all backend archive repositories it is currently tracking in order to 
be able to reconstitute relevant conversations -- whereas with this 
change, it should be sufficient to just have the copy of the 
transparency log to have a fully self-contained high-relevancy archive 
of both individual commits and conversations that happened around them.

I'm just not sure if this will help with the subject of the 
conversation, or if it does not serve the goal of recognizing developer 
contributions by making them more visible.

-K

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ