Re: RFR: openscad update

To: Helmut Grohne <helmut@subdivi.de>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: RFR: openscad update
From: Enrico Zini <enrico@enricozini.org>
Date: Tue, 28 Jun 2022 09:36:36 +0200
Message-id: <[🔎] 20220628073636.7gflc5xtsx2d2x3x@enricozini.org>
In-reply-to: <[🔎] YroTID+R3uv9iMyx@alf.mars>
References: <[🔎] YrSAMaON1VxPiTI3@alf.mars> <[🔎] CALF6qJk64NxK-smLMweDFqybLMKq_T_1a5-vZaQ5-DHqS060rQ@mail.gmail.com> <[🔎] YroTID+R3uv9iMyx@alf.mars>

On Mon, Jun 27, 2022 at 10:29:20PM +0200, Helmut Grohne wrote:

> I am having difficulties understanding the process then. I was assuming
> that packages added to dla-needed.txt would need an update. If my
> understanding of the process is correct, an unimportant issue should be
> marked in data/CVE/list and not being added to dla-needed.txt in the
> first place.

It was my same understanding at first. In practice, most packages I
picked up from dla-needed.txt I ended up handling by having a closer
look, some online exchanges, and tagging in data/CVE/list

My updated understanding is that the triaging that makes packages end up
in *-needed.txt cannot be as in depth as that which can be done
downstream of it.

I still feel new on this job, so I'm using this as an opportunity to get
peer review on my updated understanding :)

Enrico

-- 
GPG key: 4096R/634F4BD1E7AD5568 2009-05-08 Enrico Zini <enrico@enricozini.org>

Reply to:

References:
- RFR: openscad update
  - From: Helmut Grohne <helmut@subdivi.de>
- Re: RFR: openscad update
  - From: Anton Gladky <gladk@debian.org>
- Re: RFR: openscad update
  - From: Helmut Grohne <helmut@subdivi.de>

Prev by Date: Re: RFR: openscad update
Next by Date: Re: What to do with sox
Previous by thread: Re: RFR: openscad update
Next by thread: What to do with sox
Index(es):
- Date
- Thread