A crash on invalid *user* input can easily turn into a security
vulnerability (if only because it's a possible vector for DoS attacks),
and so should definitely be considered critical.
What's not critical is a crash when the caller of a C++ API doesn't
respect the API contract (e.g. passes a null pointer where non-null is
expected).
Regards
Antoine.
Le 14/01/2023 à 17:47, Weston Pace a écrit :
On further thought it seems a little odd to me that crashes are not
critical. However, many of our crashes are from a failure to properly
validate user input, which I agree isn't as critical. Would it be too
nuanced to say that:
* A crash, given valid input, is critical
* A crash, given invalid input, is not critical
On Sat, Jan 14, 2023, 8:12 AM Antoine Pitrou <anto...@python.org> wrote:
Hi Will,
Le 14/01/2023 à 17:06, Will Jones a écrit :
I'm quite skeptical about this. My experience is that many people have a
very subjective idea of what is critical or not, and the categorization
ends up not very informative.
Antoine, skeptical about the definition of "Critical Fix"? Or something
else? On "Critical Fix", I tried to make the definition provided not very
ambiguous, but the PR is open for feedback.
Keep in mind, I am planning on grooming these labels once every release,
and including them in the generation of the changes notes. So any drift
in
the definition will be corrected before the final list of breaking
changes
and critical fixes are published.
That clears my concerns then :-)
However, I think that an additional "Priority: critical" isn't very
useful and will end up confusing people.
Regards
Antoine.
