| 1 |
* John Helmert III schrieb am 10.11.22 um 14:19 Uhr: |
| 2 |
> On Thu, Nov 10, 2022 at 02:10:09PM +1000, Marc Schiffbauer wrote: |
| 3 |
> > * Sam James schrieb am 10.11.22 um 13:58 Uhr: |
| 4 |
> > > |
| 5 |
> > > I think we'd rename impact -> description but description would now |
| 6 |
> > > be "description of the problem" and not "description of the package". |
| 7 |
> > |
| 8 |
> > |
| 9 |
> > +1, but additionally having the short description of the package sounds |
| 10 |
> > still useful to me, as not always everybody knows what any package is |
| 11 |
> > exactly for and the description will help a lot in telling the |
| 12 |
> > impact/danger of your own infra that might be caused by that package. |
| 13 |
> > |
| 14 |
> > -Marc |
| 15 |
> |
| 16 |
> Are you saying you rely on the background field, which is generally |
| 17 |
> just the package's DESCRIPTION? Maybe glsa-check should just spit out |
| 18 |
> the package's DESCRIPTION then too. |
| 19 |
|
| 20 |
Sometimes the GLSA-Mails will be send to some team mailbox for example, |
| 21 |
and a teammember has to decide how urgent an update may be. Having a |
| 22 |
little description for the software mentioned in the GLSA is helpful |
| 23 |
then. |
Archives