On Fri, Apr 11, 2014 at 10:26:08AM +0100, Matt Caswell wrote: > On 11 April 2014 00:00, Steve Marquess <marqu...@opensslfoundation.com> wrote: > > > > With the very, very important caveat that I'm not one of the people who > > directly carry this burden: > > > > There is certainly room for improvement in the process by which patches > > are reviewed and merged into OpenSSL. For the more straightforward bug > > fixes and minor changes it might be useful to have a mechanism where a > > patch could be approved by multiple people and then committed to OpenSSL > > almost automatically. Obviously this wouldn't work for significant > > changes like whole new APIs and infrastructure mods. > > I have long been of the view that the current process for reviewing > patches is broken. Through no individual's fault there just aren't > enough people with commit rights to review the number of patches that > get submitted. Many of these patches are really quite straight forward > and I think we miss out on a lot. I see lots of patches go by which > would have added value (e.g. documentation fixes, minor code fixes > etc). > > If someone has gone to the effort of providing a patch, then they > really deserve some kind of response (even if that response is thanks > but no thanks). Many patches go by without anyone ever looking at > them.
Yes, and this is my main motivation for starting this thread. It's unrelated to heartbleed. Kurt ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
