Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Shall we use other term than "defects" in the reports? #193

Closed
siteshwar opened this issue Jul 23, 2024 · 4 comments · Fixed by #197
Closed

Shall we use other term than "defects" in the reports? #193

siteshwar opened this issue Jul 23, 2024 · 4 comments · Fixed by #197
Labels
enhancement

Comments

@siteshwar
Copy link
Member

This is a follow up on fedora-devel comment.

Not all code paths identified to contain possible bugs may be real bugs. There is objection on the use of term "defects" and "flaws" for such code paths. This issue tracks using more appropriate term for such code paths.
@kdudka
Copy link
Member

kdudka commented Jul 23, 2024

The Product Security team at Red Hat tends to call them findings.

@siteshwar @lzaoral Would it make sense to use this term upstream as well?

@lzaoral
Copy link
Member

lzaoral commented Jul 23, 2024

Would it make sense to use this term upstream as well?

Sure, why not. I don't have a strong opinion about this.

@siteshwar
Copy link
Member Author

@siteshwar @lzaoral Would it make sense to use this term upstream as well?

I was thinking about the term "Possible bugs", but I do not have a strong opinion either.

@berrange
Copy link

FYI, from my pov as a maintainer, I dislike any terminology that suggests the reported items are flaws in my projects. Given the well known high false positive rates, it is defamatory to the reputation of the project to suggest they are bugs, defects or flaws, until a human has weeded out the false positives.

"Findings" is a reasonable term that doesn't pre-suppose whether the identified items are bugs or not.

siteshwar added a commit to siteshwar/csdiff that referenced this issue Jul 25, 2024
@siteshwar
html-writer: use the term "finding"
408a585 
... instead of "defect" in the reports.

Resolves: csutils#193

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
@siteshwar siteshwar mentioned this issue Jul 25, 2024
Merged
siteshwar added a commit to siteshwar/csdiff that referenced this issue Jul 25, 2024
@siteshwar
html-writer: use the term "finding"
0275d0a 
... instead of "defect" in the reports.

Resolves: csutils#193

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
siteshwar added a commit to siteshwar/csdiff that referenced this issue Jul 25, 2024
@siteshwar
html-writer: use the term "finding"
e2c24bb 
... instead of "defect" in the reports.

Resolves: csutils#193

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
siteshwar added a commit to siteshwar/csdiff that referenced this issue Jul 25, 2024
@siteshwar
html-writer: use the term "finding"
34d4e5d 
... instead of "defect" in the reports.

Resolves: csutils#193

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
siteshwar added a commit that referenced this issue Jul 25, 2024
@siteshwar
html-writer: use the term "finding"
fe7896a 
... instead of "defect" in the reports.

Resolves: #193

Signed-off-by: Siteshwar Vashisht <svashisht@redhat.com>
@siteshwar siteshwar mentioned this issue Aug 14, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

html-writer: use the term "finding" siteshwar/csdiff
5 participants
@kdudka @siteshwar @berrange @jamacku @lzaoral