Bruce Momjian <bruce@momjian.us> writes:
> Oh, so the bug is tracked by being part of the email reply list. That
> is a good idea. Now, how does that get assigned for non-bugs, like
> patches? Does any email sent to the lists that doesn't already have a
> bug number get one? That might be really valuable.
*Any* email? I hope not ... otherwise it's hard to see what you've got
that you don't get with a full-text search on a mailing list archive.
AFAICS the bottom line here is that we need some intelligent filtering.
In the short run I doubt that we can have that except through human
gruntwork to filter the mail traffic and update a tracker database.
Maybe after we see such a system in operation for awhile, we can start
to automate some obvious bits. But if we start with the assumption that
it's going to be mostly automated on day zero, I predict a resounding
failure.
It strikes me that the CERT CVE database might be a useful analogy.
AFAIK there is little or no automated entry into that database ---
every change has a human reviewer in front. Of course, they have some
darn good security reasons for wanting strong filters in front of their
database, but still it's a case worth thinking about. They have the
same problem of pulling status information from a lot of not-very-
well-standardized input sources.
regards, tom lane