Re: Allowing anonymous users to submit crashers via bug-buddy: Yes/No?

From: Elijah Newren <newren gmail com>
To: gnome-bugsquad gnome org
Subject: Re: Allowing anonymous users to submit crashers via bug-buddy: Yes/No?
Date: Thu, 9 Feb 2006 09:56:01 -0700

On 2/9/06, Olav Vitters <olav bkor dhs org> wrote:
> The XML-RPC post by fer showed a Bug-Buddy which didn't ask for any
> information (steps to reproduce or an email address). See
> http://www.gnome.org/~fherrera/blog/new-bugbuddy.html
>
> I'm against allowing anonymous users to submit crasher bugs. Mainly
> because I fear this will cause a huge increase in workload, without
> providing clear benefits (you might have one or two good bugs, but do
> not believe it is worth it). My opinion is that bugs will always be
> filed, so we will always get this information from a normal user.
>
> Fer + Elijah, possible Luis disagree.

Yeah, it appears we have fundamentally different assumptions about
usefulness vs. workload involved in such a change, and the real crux
of the matter is that we don't really have a clue how it would turn
out as we have never tried it.

Can I suggest a compromise?

As part of the XML-RPC communication, bugzilla tells bug-buddy whether
an email address is required to create a bug report.  That way we can
try out anonymous submissions for a while, and if it sucks, turn it
off when we want to do so without having to wait for new versions of
bug-buddy to get deployed.

<snip>
> For instance Bug-Buddy could do:
> 1. Submit stracktrace automatically (to some function that will not
> create a bug)
> 2. Determine on server if it has been fixed yet
> 3a. If fixed: Tell user, exit
> 3b. If needs_info: Ask user for info?
> 3c. If needs_contact: Ask user for info + require email address?
> 3d. If known: Increase some counter to show how often a crash is seen?
> 3e: If new crash: Ask user for info + email address?
> 4. Submit stuff again to create a bug (if needed)
>
> 3c would require an email address. Not sure about 3e.
>
> Above requires a system to reject known fixed crashers. That would
> system would be manually maintained by the developers of a project
> using the 5 functions (as found by simple-dup-finder). The developer
> would be able to specify an action to occur (saying it was fixed, needs
> info, custom message, etc).

This sounds cool, with the possible extra step of determining whether
an email is required being added to this list.  Also...

> So if you look at lots of (Bug-Buddy) bugs.. would you appreciate
> anonymous posts? Would 'steps to reproduce' be required?

I think steps to reproduce should be optional (at least by default. 
We could try to be clever here and have bugzilla process the initial
information and determine whether extra steps should be required for
that bug and notify bug-buddy of this; it may start out as something
that's always optional and that we start requiring in certain cases as
we gain more infrastructure).

Also, I really think the user should be given an opportunity to review
the information that will be made into a bug report before it
officially becomes one.  Yes, it is extremely rare that passwords and
such show up in stack traces, but it definitely happens.  It's really
bad even if it's really rare.

Anyway, that's my additional $0.02 on the matter.  :)

Elijah

References:
- Allowing anonymous users to submit crashers via bug-buddy: Yes/No?
  - From: Olav Vitters

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]