On Mon, Feb 08, 2016 at 04:37:40PM +0100, Šimon Lukašík wrote: > Thing is just we have slightly different approach. Let me explain. Using OpenSCAP sounds great. Mostly, I wanted to focus on results and what the user sees rather than implementation details. The advantages you describe sound exciting, which falls under the offering-carrots aspect: new functionality that we can give people that they'll be actively want to switch to. However, I think we also need to do the "we replaced your favorite coffee brand... and you don't even know it" part wherever possible. * So, I really _do_ want the existing command to work, but maybe it's OpenSCAP underneath. [...] > The problem we are currently facing in Fedora is that you need to > have a data that you feed to the scanner. Hence, this CVE analysis > can be done only for RHEL, SuSE and Debian systems. So, we are done, > once we are able to develop plug-in to bodhi to generate the data > feed for us. What is needed for that to happen? > Do you think this approach is sensible for the ponycorn? :) Yes, with the above notes. Man, I missed a really good opportunity to call this message an "RFP". :) * I need to unify this metaphor... it's carrots and coffee rather than carrots and sticks, since we have no sticks. But on the other hand, I don't think horses like coffee. -- Matthew Miller <mattdm@xxxxxxxxxxxxxxxxx> Fedora Project Leader -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
