On Fri, Feb 10, 2017 at 04:43:17PM -0300, James Almer wrote: > On 2/10/2017 4:03 PM, Michael Niedermayer wrote: > > Hi community > > > > what do you prefer about the ffmpeg-security alias ? > > in no particular order > > > > Should everyone on the alias be listed in MAINTAINERs under a > > ffmpeg-security point? > > I'd say yes. From a transparency PoV, people should know who will > get access to such reports. > > > > > Should for everyone who is on the alias a reason be listed in > > MAINTAINERs why (s)he is on the alias ? > > IMO, there's no need for this. Read below. >
> > > > Should everyone on the alias have a reason beyond curiousity to be > > on the alias? (that is a reason that clearly benefits FFmpeg) > > Yes, it should be about intending to fix reports and/or review fixes > made by others. Curiosity alone is not enough at all. ok We have 938 open bugs on trac We have 84 open bugs on trac that contain the keyword "regression" We have 55 open coverity issues We have 475 patches on patchwork needing some action, either having their status updated if its wrong or needing review/apply/reject someone wanting to review patches can do that someone wanting to fix issues can do that We have no open security issues on the ffmpeg-security alias, we have no patches that need a review, in fact i think we have had no patch there this year yet. (not countig ones referenced from ffmpeg-devel) So one wanting to review patches or fix issues shouldnt really have much desire on ffmpeg-security. We can add more people to it, but what does that fix? Shouldnt we rather try to find someone to fix the regressions on trac or go over the patches on patchwork ? [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB The worst form of inequality is to try to make unequal things equal. -- Aristotle
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel