lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 2 Oct 2022 09:25:01 -0400
From:   Slade Watkins <srw@...dewatkins.net>
To:     Theodore Ts'o <tytso@....edu>
Cc:     "Artem S. Tashkinov" <aros@....com>,
        Thorsten Leemhuis <linux@...mhuis.info>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
        workflows@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>,
        ksummit@...ts.linux.dev
Subject: Re: Planned changes for bugzilla.kernel.org to reduce the "Bugzilla
 blues"

Hello,

> On Oct 2, 2022, at 8:18 AM, Theodore Ts'o <tytso@....edu> wrote:
> 
> On Sat, Oct 01, 2022 at 02:58:04PM +0000, Artem S. Tashkinov wrote:
>> 
>> My expectations are actually quite low:
>> 
>> * A central place to collect bugs (yeah, bugzilla)
>> * Proper up to date components (they don't change too often, so there's
>> not a lot of work to be done - you can refresh them probably every 12-24
>> months and it's gonna be totally OK)
>> * An ability to CC the relevant people/mailing lists (this is the only
>> serious missing feature)
>> 
>> That's it. It's a billion times better than random emails sent to random
>> mailing lists. Signing up once is easier that to keep track of whom and
>> where you've emailed or not. And of course it's a ton lot easier to find
>> the existing bug reports.
> 
> First of all, some of the components do CC the relevant mailing lists
> automatically.  And this is the part of Bugzilla which is hand-hacked
> and has no, zero, nada support upstream.  I'll defer to Konstantin
> about how easy it is to keep that working.
> 
> Secondly, not everyone is happy with getting an e-mail message sent to
> a mailing list that has a lot of bugzilla metadata associated with it,
> and depending on how they respond, the response might not make it back
> to bugzilla.

+1. 

Personally, I prefer Bugzilla _over_ getting e-mail. But that’s just my opinion.

>> Bugzilla as it is works nearly perfectly. We have a number of developers
>> who don't want to touch it or get emails from it - it's their right.
>> However it would be madness to take it from users. That will make filing
>> and following up on bug reports an absolutely poor experience for
>> absolute most users.
> 
> At the moment, developers aren't following up on the bug reports.
> There is some debate as to why.  Is it because users who can't figure
> out how to send e-mail, and who send web-form based e-mails send low
> quality bug reports that can't be easily responded to unless someone
> is paid $$$ and/or has the patience of a saint?  Is it because
> components aren't being gatewayed to mailing lists?

My hope is that we find a solution that *encourages* developers to follow-up on bug reports. So far, we’ve just gone back and forth on this and gotten nowhere.

> 
> And if we force developers to get Bugzilla spam whether they want it
> not, and they said, "absolutely not", is it there right to have the
> mailing list gateway disabled --- and if so, what does that do to the
> user experience?  Thats basically the situation we have right now.

Yep, agreed.

-srw

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ