On 23.03.20 18:24, Mats Erik Andersson wrote: > Måndag den 23:e mars 2020, klockan 14:07, skrev Tim Rühsen detta: >> >> May I suggest that Alfred or Mats put the ChangeLog file into an own >> branch and we all add commits until we are all happy ? Then we merge >> those commits into a single one and add it to master. >> Currently it is not clear to me who is the "owner" of that file in >> regards of being responsible to put in all the suggestions made here. > > I disagree. First the correct changelog go into place, then other > matters follow. I see no other matter that matters more than keeping > a correct changelog file. We are already into deep water with the > present situation.
I made the above suggestion to speed up on the changelog issue a bit. I have no clue why you think that is a different matter. I also pointed out my current blocker - you don't even care for addressing that. > The responsibility lies with each and every member to write a useful > and relevant changelog entry with each prepared commit to master. > I would have thought the large exent of our changelog file and > my agitated outburst had made this matter clear by now. > >> Regarding mentioning a "CVE tag": Who is going to retrieve a CVE number >> ? Or has it been done already ? > > This was not meant as a git tag in any way. My statement is simply that > the publicly assigned CVE number should be included in our changelog and > in the commit message that is simultaneous with the issued commit. > This is exactly the reason why a code change and additions to ChangeLog > have to be similtaneous, in order that matter related to public security > tickets can be traced properly, be it via 'git blame', simple reading > of Changelog, or amplified by diligent and informed work. Instead of answering my questions, you start lamenting about a "git tag". I again have no clue why you do that - I never talked about that. I referenced your term "CVE tag" from one of your last emails. Is it possible to answer my questions above, please. Without an appropriate answer we are stuck. Regards, Tim
Description: OpenPGP digital signature