lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 2 Oct 2022 19:59:27 -0400
From:   Slade Watkins <srw@...dewatkins.net>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Laurent Pinchart <laurent.pinchart@...asonboard.com>,
        "Artem S. Tashkinov" <aros@....com>, Theodore Ts'o <tytso@....edu>,
        Thorsten Leemhuis <linux@...mhuis.info>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Konstantin Ryabitsev <konstantin@...uxfoundation.org>,
        workflows@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        "regressions@...ts.linux.dev" <regressions@...ts.linux.dev>,
        ksummit@...ts.linux.dev,
        Mario Limonciello <mario.limonciello@....com>
Subject: Re: Planned changes for bugzilla.kernel.org to reduce the "Bugzilla
 blues"

Hi,

> On Oct 2, 2022, at 6:18 PM, Steven Rostedt <rostedt@...dmis.org> wrote:
> 
>> 
>> I believe the same holds true for bug tracking and support. At the end
>> of the day, someone will need to pay for it, but we could shatter the
>> traditional model here too. We could, given enough interest, bridge the
>> gap between all involved parties and create a support model that would
>> benefit everybody. It took years and huge efforts for Linux to evolve
>> towards more professionalism in many areas, and it would take more years
>> and more effort to continue and expand that, but I believe it would be
>> feasible.
> 
> Linus went away and came back with git. Should we ask him to go away
> and come back with a better bugzilla? :-D

I mean, we could try and ask nicely, but I’d understand if the answer was no, haha.

> 
>> 
>> On the topic of triage, I've found that distro developers often do a
>> pretty good job. I've received multiple bug reports of great quality
>> following problems initially posted to distro bug trackers, after the
>> distro developers took the time needed to hold reporters by the hand to
>> get all the required information. Kudos for that !
>> 
> 
> This is what I was saying about having a liaison. It could work if we
> have someone to do it. We have one volunteer (Slade), perhaps this
> could turn out to be something more.

In all seriousness: I really believe having a liaison who’s — and I’m simplifying these items for right this second — 1) gathering information about a report from the reporter (by holding their hand through the process), 2) weeding out issues that aren’t actionable or reproducible, and 3) communicating all information to developers as clear and concise of a manner of possible will (hopefully) result in a better “bugzilla”. 

Sure, it won’t happen overnight, but I truly believe it has a chance (and as you mentioned, I’ve already volunteered to take this on and (hopefully) get something off the ground.)

-srw

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ