On Sat, Feb 08, 2025 at 04:36:47PM +0100, Thorsten Leemhuis wrote: > On 07.02.25 10:05, Laurent Pinchart wrote: > > Thank you for the patch. > > Thx for saying that! > > > On Thu, Feb 06, 2025 at 03:30:10PM +0100, Thorsten Leemhuis wrote: > >> Point out that explicit permission is usually needed to tag other people > >> in changes, but mention that implicit permission can be sufficient in > >> certain cases. This fixes slight inconsistencies between Reported-by: > >> and Suggested-by: and makes the usage more intuitive. > >> > >> While at it, explicitly mention the dangers of our bugzilla instance, as > >> it makes it easy to forget that email addresses visible there are only > >> shown to logged-in users. > >> > >> The latter is not a theoretical issue, as one maintainer mentioned that > >> his employer received a EU GDPR (general data protection regulation) > >> complaint after exposing a email address used in bugzilla through a tag > >> in a patch description. > > [...] > >> -Be careful in the addition of tags to your patches, as only Cc: is appropriate > >> -for addition without the explicit permission of the person named; using > >> -Reported-by: is fine most of the time as well, but ask for permission if > >> -the bug was reported in private. > >> +Be careful in the addition of the aforementioned tags to your patches, as all > >> +except for Cc:, Reported-by:, and Suggested-by: need explicit permission of the > >> +person named. For those three implicit permission is sufficient if the person > >> +contributed to the Linux kernel using that name and email address according > >> +to the lore archives or the commit history -- and in case of Reported-by: > >> +and Suggested-by: did the reporting or suggestion in public. Note, > >> +bugzilla.kernel.org is a public place in this sense, but email addresses > >> +used there are private; so do not expose them in tags, unless the person > >> +used them in earlier contributions. > > > > I like this text very much, it's concise and clear. > > Glad to hear! > > > My only possible > > concern is that "explicit permission" isn't defined. I assume that > > someone sendubg a Reviewed-by or Acked-by tag in a public mail thread > > counts as permission, but strictly speaking it's not explicit. > > > > Regardless of that, I think we can clarify what explicit permission > > means in a follow-up patch. If you would like to merge this one as-is, > > Hmmmm. Not totally sure that I exactly understand what you mean, but I > think I see it. What I meant is that I interpret "explicit" as requiring an explicit mention of permission (e.g. "You can add my tag to the commit"), while replying to a patch with a tag on a public list seems to me to convey an implicit permission instead. > But I'm not sure how to solve that. Would simply > dropping the "explicit" solve this? Or should I start the section like this: Dropping "explicit" seems to be the simplest solution, but the next sentence mentions "implicit permission" which would then sound weird. > "" > Be careful in the addition of the aforementioned tags to your patches, > almost all need permission by the person named; one can be assumed if > the person provided that tag in a reply or acknowledged its inclusion "in a reply to a public list" > after being made aware that name and email address will end up in public > places where they can't be removed. > > The tags Cc:, Reported-by:, and Suggested-by: are an exception: for > those three implicit permission is sufficient, ... > """ This sounds good to me. -- Regards, Laurent Pinchart
