On 4/16/14 10:00 AM, "Dan Smith" <d...@danplanet.com> wrote:
>> There may be some consistency work needed. I spent some time/text in >> justification around no security impact in a spec. I was guided >> specifically that None was a better statement. > >I think you're referring to me. What I said was, you went into a lot of >depth explaining why there was no security impact for things that I felt >were fairly common. Yeah, agreed. As I responded, it has more to do with working in environments where security always needed to be answered (regardless of triviality). "None" wasn't acceptable. The template to my reading didn't really guide in this regard. I may have missed something though. > >That said, even in code reviews, you're going to get opinions from lots >of different people, and they're not all going to match up 100%. That's >okay, and to be expected, IMHO. It's obviously desirable for us to have >a core (and drivers) team that all have roughly the same opinion on what >is suitable and not, but expecting total consistency is not realistic or >necessary, I think. I'm not asking for 100% consistency. I'm just raising it since it seems to be early in the process change and want to work out these kinds of things. If it turns out to be an outlier then great. Perhaps a better way for me to say it, is we should be on the lookout given the process is new for consistency concerns. It's probably too idealistic, but I would rather have a 1-3 spec review cycle rather especially for the smaller features. That's my main concern with having some consistency moving forward. That's also on the developer side. If they have the tools to generate the spec correct the first go-around it helps everyone. > >Remember that just because someone -1s a patch, doesn't mean that every >single comment they made was -1 worthy on its own. Often times I will -1 >for a spelling mistake and then make a bunch of other purely-opinion >comments which don't necessarily need to change. Sure, but I also take -1s seriously and try to address them as best I can. Even if they are purely-opinion. Christopher > >--Dan > > >_______________________________________________ >OpenStack-dev mailing list >OpenStack-dev@lists.openstack.org >http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
