1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA512 |
3 |
|
4 |
On 01/21/2016 06:30 PM, Alexis Ballier wrote: |
5 |
> On Thu, 21 Jan 2016 18:25:21 +0100 Kristian Fiskerstrand |
6 |
> <k_f@g.o> wrote: |
7 |
> |
8 |
|
9 |
|
10 |
>> However it can cause complications when issues are detected, in |
11 |
>> particular security relevant ones. Attaching a CSV of bugs |
12 |
>> assigned to security with maintainer-needed CCed. |
13 |
>> |
14 |
>> e.g app-text/htmltidy has multiple reverse dependecies but is |
15 |
>> itself maintainer needed with at least two vulnerabilities (bug |
16 |
>> 561452) |
17 |
>> |
18 |
> |
19 |
> well, 'not ( forall x, x is m-n, x is crap )' and 'exists x, x is |
20 |
> m-n, x is crap' don't necessarily disagree either :) |
21 |
> |
22 |
|
23 |
Indeed, however it does cause issues with assignment when security |
24 |
vulnerabilities are reported, as nobody is CCed to handle it if m-n. |
25 |
So this list needs to be actively maintained and treecleaning is |
26 |
difficult with reverse deps involved. |
27 |
|
28 |
... we might get around this by amending procedures to CC every |
29 |
maintainer of reverse deps in these cases though (and if no rdep |
30 |
simply treeclean it). |
31 |
|
32 |
- -- |
33 |
Kristian Fiskerstrand |
34 |
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net |
35 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
36 |
-----BEGIN PGP SIGNATURE----- |
37 |
|
38 |
iQEcBAEBCgAGBQJWoRb4AAoJECULev7WN52F4ZMH/i4c5tSxJqgPmJY07c4qFkfL |
39 |
N2cNWz+lRe9xr/VQxS9kLwG9IlqEJMMe4A6f2MvIeKwgN3A+HpLHQrEfK7we6Ctl |
40 |
+wy25IxEWbfk8ajuXU89qYN29CIeZcunhcNkA/5WvZSI4fiakxMkP2aDq9nSl+t3 |
41 |
VJ5V54jVEQGvS4vBcR8hKSU7uW5fnwWFIRxV4TFeD+wQNEIDdF8dMEvvqdJUpKuj |
42 |
5LzlLnXXjBW9vB53wM8n0BsufLVOK/xU1Cx8AJabqmoUX5O+NdlDTXks2r/yuVUk |
43 |
YAze94Pb4oFKUSsQ0eHObr7vXXkpFQgwA4c4H0u75y5zAtaSDQFJ+8Fg7qIvb1k= |
44 |
=NQwO |
45 |
-----END PGP SIGNATURE----- |