Binary test cases are sketchy because they can be vectors for phishing
and other malware. Let's strongly hint that source-based tests are
preferred and binaries should have their provenance declared.

Suggested-by: Peter Maydell <[email protected]>
Signed-off-by: Alex Bennée <[email protected]>
---
 .gitlab/issue_templates/bug.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/.gitlab/issue_templates/bug.md b/.gitlab/issue_templates/bug.md
index 53a79f58284..cdb7ac1fe72 100644
--- a/.gitlab/issue_templates/bug.md
+++ b/.gitlab/issue_templates/bug.md
@@ -55,6 +55,10 @@ https://www.qemu.org/contribute/security-process/
 <!--
 Attach logs, stack traces, screenshots, etc. Compress the files if necessary.
 If using libvirt, libvirt logs and XML domain information may be relevant.
+
+If attaching binary test cases you should describe where they where obtained
+from preferably linking to the original source. We greatly prefer test cases in
+the form of source code that can be audited before compiling by the engineer.
 -->
 
 <!--
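
Review bot: Typo in the first added sentence: "where they where obtained" should read "where they were obtained", and a comma is needed before "preferably" ("...were obtained from, preferably linking to the original source"). The second sentence would also read more clearly as "source code that can be audited by the engineer before compiling". Because this text sits inside the template's HTML comment, reporters only see it while composing the issue, so the wording should be unambiguous on a quick read.
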
-- 
2.47.3

