nuttxpr commented on PR #14704: URL: https://github.com/apache/nuttx/pull/14704#issuecomment-2464884416
[**\[Experimental Bot, please feedback here\]**](https://github.com/search?q=repo%3Aapache%2Fnuttx+13552&type=issues) No, this PR does not fully meet the NuttX requirements. While it provides a summary of the *what*, it lacks sufficient detail on the *how*. The impact section is overly brief and doesn't address the specific points requested. The testing section is insufficient and claims no testing was performed, which is unacceptable. Here's a breakdown of the missing information: * **Summary:** Needs more detail. *What tools* are being used? *How* does this change bring us closer to SBOM generation? What files were changed? What specific SPDX identifiers were added? A link to the related issue requesting this feature would be beneficial. * **Impact:** Needs to explicitly address *all* listed points, even if the answer is "NO". For example: * **Is new feature added? Is existing feature changed?** (Yes, SBOM support is being improved) * **Impact on user:** (Potentially yes, if they are using SBOM generation tools. Describe how.) * **Impact on build:** (Probably no, but state this explicitly) * **Impact on hardware:** (No) * **Impact on documentation:** (Likely yes, documentation should be updated to explain how to leverage the new SPDX identifiers. State if this documentation is included in the PR.) * **Impact on security:** (Possibly yes/no - justify the answer. Does adding SPDX identifiers improve provenance tracking and therefore security?) * **Impact on compatibility:** (Probably no, but state explicitly) * **Testing:** "NONE" is not acceptable. Even for seemingly minor changes, some level of testing is required. At a minimum, the PR should confirm that the project still builds successfully for the relevant architectures and that no regressions have been introduced. Provide details on the build host and target(s) used for testing. If no functional changes are immediately testable, explain why and describe any planned future testing. Even a simple "Built successfully on Linux/x86_64 with GCC 12.x for sim:nsh" is better than nothing. Without this information, it's difficult to assess the validity and impact of the proposed changes. The PR should be updated to address these points before it can be considered for merging. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
