| 1 |
> On 11 Nov 2022, at 22:40, Sam James <sam@g.o> wrote: |
| 2 |
> |
| 3 |
> |
| 4 |
> |
| 5 |
>> On 11 Nov 2022, at 22:06, Gordon Pettey <petteyg359@×××××.com> wrote: |
| 6 |
>> |
| 7 |
>> On Thu, Nov 10, 2022 at 6:27 PM John Helmert III <ajak@g.o> wrote: |
| 8 |
>> On Thu, Nov 10, 2022 at 09:49:27PM +0100, Jonas Stein wrote: |
| 9 |
>>> On 10/11/2022 03:27, John Helmert III wrote: |
| 10 |
>>>> The first GLSA in glsa.git is GLSA-200310-03, the third GLSA of |
| 11 |
>>>> October 2003. It used roughly the same format of the GLSAs we release |
| 12 |
>>>> today, in 2022, making that format almost as old as me. |
| 13 |
>>> |
| 14 |
>>> IFF we change the format, we should not invent a new standard [1] but |
| 15 |
>>> use existing one like CSAF [2] |
| 16 |
>>> |
| 17 |
>>> [1] https://imgs.xkcd.com/comics/standards.png |
| 18 |
>>> [2] https://oasis-open.github.io/csaf-documentation/ |
| 19 |
>> |
| 20 |
>> We're not inventing a new "standard", we're upgrading the format we use |
| 21 |
>> to distribute GLSAs. |
| 22 |
>> |
| 23 |
>> Standard, format, semantics. You are producing a new schema in a field where at least one usable (and already-improved?) schema exists. NIH? |
| 24 |
> |
| 25 |
> Can you point to a format which would support using our ebuild operators |
| 26 |
> & syntax rather than making a (very) vague suggestion? |
| 27 |
> |
| 28 |
> See also ajak's point about being the one to implement it, in lieu |
| 29 |
> of volunteers. |
| 30 |
|
| 31 |
Oh I see, I'd missed the actual link to CSAF, sorry. |
| 32 |
|
| 33 |
I'll take a look. It's not clear to me yet if this is going to be a good |
| 34 |
fit for distributions though, as we're not a normal "vendor". |
| 35 |
|
| 36 |
Are you aware of any other Linux distros using this? |
Archives
