I created one: ZOOKEEPER-3968
When running commit script we can add this to the commit message.
- Norbert
On Fri, Oct 9, 2020 at 2:03 PM Enrico Olivelli wrote:
> Il Ven 9 Ott 2020, 13:51 Norbert Kalmar ha
> scritto:
>
> > We could create an umbrella jira for the ones that have not been updated
Norbert Kalmár created ZOOKEEPER-3968:
-
Summary: ApacheCon Bug Bash fixes
Key: ZOOKEEPER-3968
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3968
Project: ZooKeeper
Issue Type: Bug
Il Ven 9 Ott 2020, 13:51 Norbert Kalmar ha
scritto:
> We could create an umbrella jira for the ones that have not been updated,
> something like "BugBash fixes" and just commit them under it.
>
Works for me for trivial patches.
Good idea Norbert
Enrico
> On Sat, Oct 3, 2020 at 10:01 AM Enric
We could create an umbrella jira for the ones that have not been updated,
something like "BugBash fixes" and just commit them under it.
On Sat, Oct 3, 2020 at 10:01 AM Enrico Olivelli wrote:
> Tom
> Generally the only requirement is that you create a JIRA and report the
> JIRA od in the commit m
Tom
Generally the only requirement is that you create a JIRA and report the
JIRA od in the commit message.
Creating a JIRA also helps the contributor to understand/classify the
problem and the proposed solution.
I forgot to add that there should be some statement in the PR comments that
tells that
> Perhaps Muse.dev can work with us to automate the process of creating
tickets for the issues that were raised?
We don't have any way to automatically open matching JIRA issues but can
certainly guide the new contributors to the right steps. I'll check in
with them on their respective PRs.
On F
Michael,
I haven't been through Zookeeper's contribution guide, but can follow it as
well as the next dev. I'd be happy to give the contributors some pointers
and will get over to the PRs soon.
-Tom (MuseDev)
On Fri, Oct 2, 2020 at 7:35 PM Michael Han wrote:
> Let's not close these pull reque
Let's not close these pull requests as invalid as they are with very good
intentions. Can someone on this list from MuseDev please work with the
contributors so they are aware of our contribution guideline:
https://cwiki.apache.org/confluence/display/ZOOKEEPER/HowToContribute
For these pull reques
I know you're not asking me, but with my Community Development hat on, I
strenuously encourage you to view this as an opportunity to bring on new
contributors, and couch your response accordingly. Anything that comes
across as scolding them for Doing It Wrong is going to leave a bad taste
and p
That's very cool. If I understand this correctly, these are not automated,
there are real contributors behind the PRs, right? Closing the PR would be
harsh, so why not simply asking the contributor to create an issue and update
the PR?
-Flavio
> On 2 Oct 2020, at 17:26, Enrico Olivelli wrote:
Hey !
it looks like the Bug bash has brought a few Pull Requests
https://github.com/apache/zookeeper/pulls
Unfortunately they are not following the contribution guidelines (for
instance there is no associated JIRA)
https://cwiki.apache.org/confluence/display/ZOOKEEPER/HowToContribute -
Most of t
Enrico,
That sounds great. We'll get the repo activated.
Tom
On Sun, Sep 27, 2020, 11:11 PM Enrico Olivelli wrote:
> Tom
> Overall I think that we can move forward.
>
> This thread has been around for a while, there are no objections, every
> question has been answered.
>
> Thank you very muc
It does sound like a good initiative, thanks for including us. I still have the
concern that others have expressed below around exposing security issues. We
have guidelines to follow and shouldn't be exposing them openly. I see that Tom
said:
>> All open source and in moderate to wide use alrea
Tom
Overall I think that we can move forward.
This thread has been around for a while, there are no objections, every
question has been answered.
Thank you very much
I hope this activity will help in growing Zookeeper project both in code
quality and with more contributions, that is to help the
Norbert,
Yes, you understand that correctly. And those analyzers are FindSecBugs,
Error Prone and Infer. All open source and in moderate to wide use
already. Only find sec bugs is security specific - Infer and Error Prone
might find security bugs but they are more general purpose in nature.
-T
Hello Tom,
+1 on the initiative, thanks for bringing this to our attention.
If I understand correctly, there will be no disclosed security issues which
cannot be found with open source static analyzers.
Regards,
Norbert
On Sun, Sep 27, 2020 at 8:23 AM Szalay-Bekő Máté
wrote:
> Hello Guys,
>
Hello Guys,
In general I like the idea, but unfortunately I can not really participate
(either in the coding or in the review) as I have a few important projects
close to deadline at the moment.
My only concern is with the security bugs, which I don't like to be openly
reported before publishing
Enrico et al,
Are there other thoughts on this? It would be great to get setup before
the bash actually begins. Enrico, lacking other voices would you like to
make a final call?
-Tom
On Thu, Sep 24, 2020 at 3:30 AM Enrico Olivelli wrote:
> Tom,
> Personally I am +1 with this proposal. Thanks
Tom,
Personally I am +1 with this proposal. Thanks for your clarifications.
But we should ear opinions from other people in this list
Enrico
Il giorno mer 23 set 2020 alle ore 23:51 Tom DuBuisson ha
scritto:
> Enrico,
>
> On the topic security issues and reporting: Muse's default configurati
Enrico,
On the topic security issues and reporting: Muse's default configuration
is open source tools and here it is run on open source projects. The
results are thus already available publicly (in this case from FSB, Infer,
and Error Prone). Muse doesn't post anything to GitHub except in the c
Il Mer 23 Set 2020, 19:02 Tom DuBuisson ha scritto:
> Enrico,
>
> The Muse App requires two main abilities. First is events, such as
> notification when pull requests are opened or updated. Second is
> permission to post comments (which is always possible for humans but more
> tightly controlle
Enrico,
The Muse App requires two main abilities. First is events, such as
notification when pull requests are opened or updated. Second is
permission to post comments (which is always possible for humans but more
tightly controlled when the poster authenticates as a github application).
The rep
Il Mer 23 Set 2020, 00:44 Tom DuBuisson ha scritto:
> Zookeeper Developers,
>
>
>
> As part of our sponsorship of ApacheCon, our company MuseDev is doing a Bug
> Bash for select Apache projects. We'll bring members of the ApacheCon
> community together to find and fix a range of security and perf
Zookeeper Developers,
As part of our sponsorship of ApacheCon, our company MuseDev is doing a Bug
Bash for select Apache projects. We'll bring members of the ApacheCon
community together to find and fix a range of security and performance bugs
during the conference, and gameify the experience wi
24 matches
Mail list logo
