Sorry, If I have not made it clear. It is supposed to *help* an expert not to *replace* one.
This could help an expert prioritize picking up patches so that the easy patches could be applied without much testing. On Tue, Sep 19, 2017 at 12:30 PM, Theo de Raadt <[email protected]> wrote: > Yeah we'll rely upon it if you put up a (minimum) $100,000 bond > which pays out the first time the software makes a mistake which > introduces risk and someone is potentially holed... > > Who needs expert review, right? > > > Hi Developer and maintainers, > > > > We (researchers for UC Santa Barbara) are developing a tool that will > help > > in propagating patches. > > > > Please, It would be great if you can fill a 2-question anonymous survey: > > https://goo.gl/forms/5cBSx4axKmc8BEtA3 > > > > Would you be interested in a tool, which identifies patches that could be > > imported with a minimal or rather no testing? > > E.g. Security patches, you can import security patches as they usually do > > not affect the functionality. > > > > This tool would use only old source file and the new source file!! *No > > commit messages, no build setup, nothing!!* > > Something like: git saferebase? > > > > We actually used the tool on the OpenBSD repository and it did identify > > several (60%) patches which are safe to port or do not affect the > > functionality. > > > > > > This tool could be used to import patches from the main source branch to > > your branch without worrying about testing them. > > > > You can also use this tool as a patch monitor, which monitors all commits > > to a repository and inform you about patches that do not affect the > > functionality or otherwise safe patches. > > > > > > Thank You, > > Aravind > >
