On Fri, 2004-02-27 at 22:19, Javier Fernández-Sanguino Peña wrote: > Reviewing the NMU I can see that the applied patch does not include any of > the comments I provided (nor references) which, I believe, gave appropiate > credit. After all, Brian Hatch found this issue first (even if he did not > report it himself). > > Is there any reason why my comments (and the debug line I added) have been > removed from the patch? > A ~60 line comment in the middle of a ~1,000 line function isn't really a great place to put that kind of thing. What the code does is fairly obvious, and why it does it is documented in the ChangeLog entry for the patch. I dislike, in general, long-winded discussions of code in the middle of functions. Various articles and papers are interesting to the security expert, but not to the maintainer of the code. The *right* place for such discussions, and provision of relevant papers and articles is the bug tracking system. The change to the code is then accompanied by a reference to the bug number (in debian/changelog) for the interested reader. So whilst the full history of a bug/change, who first noticed it, suggested it and/or found it, etc. etc. are all interesting -- the BTS is what keeps that information, not comments above every single block of code in the source. Scott -- Have you ever, ever felt like this? Had strange things happen? Are you going round the twist?
Attachment:
signature.asc
Description: This is a digitally signed message part