Re: CAN to CVE: changing changelogs?
On Sat, 29 Oct 2005, Thomas Bushnell BSG wrote:
> Because it omits information, crucially, when a particular fact was
> learned. Why obscure information deliberately?
>
> > That is my whole point of contention. Not that I'd advocate going over the
> > changelog to add and update CAN and CVE data, as the security team already
> > said they don't really need it, but I want to know exactly what kind of
> > damage one would be doing by updating the changelog like that. So far, I
> > have not been convinced that we should be *against* someone doing it, if he
> > has the inclination to do so.
>
> If you add it with the actual date, saying "this was fixed by version
> such-and-such" or whatever, then you are maintaining a more accurate
> record. Why deliberately create a less accurate record?
Well, I don't see the purpose for adding dates to minor stuff (which is the
kind of modification I do) as I personaly wouldn't have any use for them
while trying to adopt/debug/NMU a foreign package... but I wouldn't have
anything against adding them, since they're wanted.
I'd still put the updated entries in the changelog "past". IMO they belong
in the proper place in the package timeline. They'd have a prefix with the
date when they were modified/added, though. ISO format would be best, I
suppose, as it is quite short and impossible to get confused over
(yyyy-mm-dd).
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: