[Bug 240774] security/py-fido2: Update to 0.7.1
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Sep 24 03:51:42 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=240774
--- Comment #12 from Kubilay Kocak <koobs at FreeBSD.org> ---
(In reply to Michael Gmelin from comment #11)
Totally, it's a hard problem, with context, industry, organization, product and
team specific considerations, such that most just do the 'gut feel' on and
never measure its effectiveness/value.
That the vast majority don't do it well doesn't mean FreeBSD shouldn't or
can't, and that's where I start from.
And yeh, importance to you/others is one way, which has its pro's
(user-value/pain orientedness) and con's (subjective, hard to map to priority
consistently/objectively in the project context)
That makes me think of a few other guidelines that may help isolate a good
schema:
- Nothing says initial values must be precise/correct. They can be adjusted.
- Assume we (the project, developers) can and do triage, we are best placed to
adjust
- Since they're initially reporter set, semantic value/meaning to the reporter
is important, otherwise why show them at all. We could change to "internal only
prioritization"), but we'd lose the benefit of signal from reporters on
severity which assists searching/browsing
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the freebsd-python
mailing list