Re: On Bugs

[Joey Hess <joeyh@debian.org>]

Anthony Towns wrote:
> I think the cause of such inflated severities (and occassionally
> deflated severities: a number of important bugs actually should
> be grave or critical, or at least that was the case during the freeze)
> is the extremely poor definition of important, namely:
> 
> important   any other bug which makes the package unsuitable for release. 
> 
> (from reportbug)

I agree for the most part.

> I'd like to get this changed. I think a much, much better definition would
> be as follows:
> 
> important   any other bug which is a severe violation of Debian policy
> 	    (violates a must directive)

It may be a better definition (or not, I've read some good arguments
against that definition), but there is no hope a debian user will ever
understand it. Even for a developer, even a developer who is quite
familiar with policy, it requires a policy lookup to check.

It might make sense to ditch the severity question entirely and ask a
series of y/n questions like:

Does this bug introduce a security hole?
Has it caused data loss?
Does it break unrelated software (or the whole system)?
Does it make the package unusable?
Do you think other people are likely to be bothered by it?
Should the buggy package be removed from the next release of debian if
  it is not fixed?
Do you know of a fix or workaround for the bug (include in report if so)?
Can you reproduce the bug?
Is this just a feature request?

Of course some of these questions can be skipped based on the answers of
others (I feel there's a dichotomous key hidden in here somewhere). The
point though is that these questions map to the severities we have now, or 
provide information the maintainer will want to know. Then the bug tool
could calculate a severity from the answers and include the answers in
the report for good measure.

-- 
see shy jo