As per the Core Infrastructure Initiative guidelines we now meet the requirements for a badge, the details of the submission is here: https://bestpractices.coreinfrastructure.org/projects/111 A lot of it just required updating our documentation to enable folks to report security issues. If there are things that need to be adjusted please let me know. A lot of this follows the Linux kernel submission for a lot of things: https://bestpractices.coreinfrastructure.org/projects/34 Things we need to improve on though are automated tests specific to backports against a series of kernels, and also providing a bit of a description when we make new releases. I realize that is hard, but its also hard for Linux, we have no reasons no to be able to do that as well. As for run time testing, we know folks out there in the industry already use backports and do their own run time tests against drivers, and this may be automated, we however need something more, at the very least a boot. Looking for something minimal to start off, how about this: https://github.com/michal42/qemu-boot-test This doesn't yet load modules but it should be possible to add support for it. I suppose we'd need to backport some qemu related drivers, and call it a day to start off with? Anyone oppose to that? Any other ideas? I know we discussed the possibility of using 0-day somehow, but 0-day builds full kernels, not packages that provide modules, and our issues also is we would need coverage of testing over a series of kernels. If you have further information about how you use backports to do any regular run time testing, information on that would be appreciated. Luis -- To unsubscribe from this list: send the line "unsubscribe backports" in
