lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 14 Jan 2021 14:18:14 -0500
From:   Konstantin Ryabitsev <konstantin@...uxfoundation.org>
To:     Jani Nikula <jani.nikula@...ux.intel.com>
Cc:     Thorsten Leemhuis <linux@...mhuis.info>,
        Jonathan Corbet <corbet@....net>,
        Randy Dunlap <rdunlap@...radead.org>,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 (RFC)] docs: discourage users from using
 bugzilla.kernel.org

On Wed, Jan 13, 2021 at 01:17:10PM +0200, Jani Nikula wrote:
> >> Well, that said, a lot of stuff sent to the _proper_ mailing lists also never
> >> receives a response
> >
> > Good point.
> 
> There's a school of thought that this is actually a feature. If there's
> no attention, the reports on the list will just fade away and be
> forgotten. Whereas in bugzilla, someone needs to actively resolve even
> the ignored and forgotten bugs. (Or it needs to be automated.)

FWIW, it's easy for me to script this, if there is consensus that a bug that
hasn't seen any activity for longer than N months should be auto-closed with
some apologetic comment like:

    This bug has aged out and will be auto-closed. Sorry that it didn't work out.

    If this issue is still present in recent kernel releases, you may need to
    reach out directly to subsystem maintainers in order to get their attention
    regarding this problem.

    Please do not re-open this bug without the above step, as it will simply
    get auto-closed again in the future.

> Attending to a bug database of thousands of open bugs takes a huge
> amount of effort, and if the bugs aren't being fixed, a lot of that
> effort is just wasted. If a bug doesn't get fixed now (or soon-ish),
> what are the chances it'll get fixed months or years down the line?

Well, it's *possible* that someone comes across that bug during their research
and adds enough additional information to get it fixed. However, this is
extremely unlikely and it's better to just open a new bug anyway.

> Just musing, has anyone else seen a shift in bug reports from "I'm part
> of the community, and I want to help improve this stuff" towards "I'm a
> customer and I demand support"? I don't think the kernel community can
> really cater to the latter very well, and would be better directed at
> distro bug trackers.

I haven't seen any specific change like that. One good thing about bugzilla is
that people who do file bugs have already overcome significant barriers to
sign up and navigate the quaint, decades-old bugzilla interface -- so their
bug reports tend to be generally well-written.

-K

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ