automatically grant watchbugzilla and watchcommits?
Till Maas
opensource at till.name
Tue Oct 14 08:43:13 UTC 2008
On Tue October 14 2008, Behdad Esfahbod wrote:
> > On Sun, Oct 12, 2008 at 10:00:25AM -0700, Toshio Kuratomi wrote:
> >> When I brought this up, Bastien Nocera brought up security bugs and not
> >> wanting random people to be CC'd before a security bug is resolved. How
> >> should we deal with this?
>
> I think the correct way to deal with this is that watchbugzilla should not
> automatically CC user to bugs for the component, but instead modify the
> user's bugzilla account to watch some special address like, eg for package
> pango, pango-bugs at fedora.bugs. And the product pango changed to have
> pango-bugs at fedora.bugs as default assignee or Q/A contact. This way we
> avoid the security problem issue, as well as those inbox-filling mass
> changes to remove people from CC lists or to change default assignee of the
> product.
I do still not understand what the issue is and how this would resolve it,
e.g. if nobody who watches pango-bugs gets informed about security bugs, how
will the maintainer of the package get informed?
Nevertheless your proposal would fix the other issues you described. I would
only change to add pango-bugs to both the assignee and CC, to make sure
everyone stays in the loop, once the package is assigned to some individual.
Oh, but there is also a problem about your proposal. Afaik in this case, the
bugs do not appear on the Bugzilla Frontpage and/or the "My Bugs" search. Can
it made sure, that they do?
Regards,
Till
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: This is a digitally signed message part.
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20081014/62f1a928/attachment.sig>
More information about the fedora-devel-list
mailing list