Security updates should require severity to be set #2206
Labels
Comments
bowlofeggs
added
RFE
|
When implementing this, consider whether it may also make sense to force bugs to indicate severity. Enhancement and newpackage updates probably don't make sense to even have "severity", though it's harmless so we can let them have it without enforcing it. |
|
#1814 will be a blocker for implementing this. |
|
#1726 suggests disabling severity on newpackage and enhancement updates. |
ghost
mentioned this issue
mergify bot
pushed a commit
that referenced
this issue
Aug 24, 2018
fixes #2206 Signed-off-by: Vismay Golwala <[email protected]>
|
This feature is planned to be included in the upcoming 3.10.0 release: #2556. |
|
This feature has been deployed to Fedora's staging Bodhi instance: |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It recently came to FESCo's attention that security updates often don't have severity set by the packager (it's often set to "unspecified", the default). This makes it difficult to tell which updates might be important to push immediately, vs. waiting for the next batch. Outside of that problem, it would also be better for our users if we had indications on the severity of our security updates, now that severity is included in our updateinfo.xml.
The text was updated successfully, but these errors were encountered: