[dist-bugs] Use cases, etc
Joey Hess
joey at kitenet.net
Wed Jul 9 20:37:22 EDT 2008
Here's a use case that I think is a good test of just how distributed a
BTS really is, in a certian sense..
A security hole is discovered, and is being kept secret until it's
fixed. Multiple projects need to fix it and track its status both
internally and with the other involved projects.
These projects do not share a VCS tree; the same bug is either present
in different code bases, or things are just the typical mess when it
comes to cross-project source control.
All communication about the bug is done in secret over secure channels.
Once the advisories are published, the bug and the history of how it was
fixed should also become public, with discussion, links to the commits
made to various VCSs, etc all available.
At this point the public should be able to post comments to the bug,
deal with instances that were not fixed (perhaps the fix needs to be
backported to older versions of the software), etc. Also, at this point,
the bug should be just another bug, on the regular bug tracking system
of each project.
I'll be curious to see if any DBTSs can handle that.
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://kitenet.net/pipermail/dist-bugs/attachments/20080709/7057e189/attachment.pgp>
More information about the dist-bugs
mailing list