On Tue, 5 Aug 2008 06:24:19 am Nico Golde wrote: > Hi Gerfried, > > * Gerfried Fuchs <rhonda@deb.at> [2008-08-04 22:11]: > > * Nico Golde <nico@ngolde.de> [2008-08-04 21:01:18 CEST]: > > > * Thijs Kinkhorst <thijs@debian.org> [2008-08-04 20:16]: > > > > We have the following options: > > > > - Keep the current feed. > > > > It works. But, it's only updated a few times a week, but this may > > > > get more often in the future. > > > > > > While I agree that this may be bad because we get some of > > > the vulnerabilities later I also see a good thing in this. > > > This way we don't have to work on this every day but are > > > able to work on bigger chunks every now and then which may > > > be better unless we have more active people working on new > > > CVE ids. > > > > I don't follow that reasoning. Even if the stuff gets in more timely it > > doesn't mean that they would have to get processed more timely than they > > are processed currently. If you feel like working on bigger chunks feel > > free to let it pile up like it's done through the way it's received. I > > see much bigger advantages with changing it than what might be > > considered a good thing in this... > > Yes but then there is also no advantage doing it the other > way. But maybe you are right and it would be slightly better > as those issues show up in the TODO section of the tracker > so people can see that these issues are already "known". I'd rather let them stay in the tracker as TODO items. It is the easiest entry point for new contributors, plus I have to say that a big chunk of TODO items (and doing a lot of NFU checking) is quite often demotivating (personally speaking). Cheers Steffen
Attachment:
signature.asc
Description: This is a digitally signed message part.