Hello, On 2022-04-21 09:18, Stefan Seyfried wrote:
Now we have lots of package-checkin-denying bots making a contributor's life hard. Couldn't we add another one that ensures there is a bugzilla entry that's actually readable as an prerequisite to checking in things to factory?
when this is a hard requirement for Factory checkin a prerequirement would be that every SUSE bug is public accessible (i.e. at least one comment of every SUSE bug must be public accessible). I guess this prerequirement is not yet fulfilled. I think for Leap such a requirement is impossible because basic Leap packages are maintained "inside SUSE" (i.e. those Leap packages that are inherited from SLE15) so SUSE internal bugs are normal as reference for Leap. Perhaps a more useful requirement in practice is that at least one of the mentioned URLs in a RPM changelog entry must be public accessible? So a valid RPM changelog entry could be something like ---------------------------------------------------------- - Security fix for ... CVE-1234-56789 (bsc#98765432) ---------------------------------------------------------- where CVE-1234-56789 is public accessible but bsc#98765432 is a SUSE internal bug. Cf. https://en.opensuse.org/openSUSE:How_to_contribute_to_the_Printing_project ------------------------------------------------------------ The better your description of your change is (i.e. "what") and the easier it is to understand your explanation of the reason behind your change (i.e. "why") that you provide in the RPM changelog the more likely your change gets accepted ... "Bugfix for boo#1234 (upstream issue http://www.example.org/issue4567)" could be perfectly sufficient provided at least one of the openSUSE bug report and the upstream issue report is public accessible and tells about "what" and "why". ------------------------------------------------------------ Kind Regards Johannes Meixner -- SUSE Software Solutions Germany GmbH Maxfeldstr. 5 - 90409 Nuernberg - Germany (HRB 36809, AG Nuernberg) GF: Ivo Totev