Quoting Tomáš Chvátal <tchvatal@suse.cz>:
Hello guys,
Just informational mail that we plan to enable bnc# checking in the changelogs to ensure that Factory submissions are in fact only listing visible bugs. [1] [2]
The code is set-up the way it checks the changelog and reports back with all occurances of bugs that were not visible (it ignores the bnc if bugzilla does not respond, so no worries if it is down, everything is approved :P).
Your actions if cases like this happen are quite simple: 1) make the initial bug visible and mark the internal comments as internal. 2) if not sure ask somebody who knows more to do it for you.
As I wrote there in the code [2] it checks the full new changelog in case some bnc should not be there we don't get conflicts when comparing just diff. So you might get request to make really old bugs visible. It is a tiny annoyance but then we ensure that all informations about our fixes can be really read by anybody.
So as a consequence I can no longer submit a security fix to address a 'non-public vulnurability' before opening the bug and making it public? :) This is probably about the only case where this makes sense anyway.. and the 'checking full logs' might hit a lot of people... especially 'us' community members.. we are very well capable to forwarding an SR, maintaining a full package, but we are typically also the ones blocked out from the non-visible bugs... I hope this won't result in a big chain where community packagers have a hard time getting old packages forwarded. Dominique -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org