On Fri, 3 Oct 2025 09:24:14 -0700 Ron via linux <[email protected]> wrote:
> That's great, but "commercial" is a key point. A lot of software we > use is not commercial which means developers are not obligated to do > that due to working for free. Oh... OK. Your original email had the word "$software" which I assumed meant commecial software, but maybe was a typo? > Ideally they would, but I've heard of lots of burned out devs > frustrated by bug reports from distro packaging issues. Yes, that would be annoying. I have a handful of pieces of software that are packaged by various distros and I've yet to receive such a bug report. To be fair, though, my packages are either pretty simple or not widely used. :) (There was one distro ages ago that caused a fake CVE in rp-pppoe, but that's because they installed the pppoe binary setuid root. It was never designed to be run that way. So I added code that would make it abort if it was running setuid.) > (And now it's getting worse with people submitting vague, > AI-generated "bugs" that aren't even bugs, but I digress.) The way around that is simply not to use GitHub. That's where most of the AI-generated PRs and bug reports happen. At most, have a mirror of your primary repo on GitHub and configure it so PRs and bug reports cannot be created on GitHub. I self-host using Forgejo and also have mirrors of my repos on Codeberg.org and salsa.debian.org. Regards, Dianne. To unsubscribe send a blank message to [email protected] To get help send a blank message to [email protected] To visit the archives: https://lists.linux-ottawa.org
