The JShelter UX review (https://lists.nongnu.org/archive/html/js-shield/2023-01/pdfCi7H0vUsN_.pdf) identified that bug reporting can be done only by those who can use dev tools like Pagure and GitHub. README also list jshelter@gnu.org for security bugs.
However, we do not allow unregistered users to report bug. One option is to promote sending all bug reports through jshelter@gnu.org and list the option on the web and the stores. We can expand further by adding a form to the website that would send an e-mail to the address above or take a similar action.
Any thoughts?
Metadata Update from @polcak: - Issue assigned to thomzane
Metadata Update from @polcak: - Issue tagged with: project policy
This is a good point. Without registering on Pagure or GitHub, we could offer public bug reporting to the mailing list by sending mail to js-shield@nongnu.org address and private bug reporting by sending mail to jshelter@gnu.org address.
js-shield@nongnu.org
jshelter@gnu.org
Good point about the mailing list. But AFAIK at the moment only registered persons can submit messages. And the registration needs approval from you, Michael, or, likely, other FSF members.
I sometimes mention the mailing list in a presentation or in a bug tracker. Maybe we can also reconsider our mailing list registration policies.
Anyway I suggest creating a separate bug tracking mailing list. To prevent the main mailing list from filling with spam.
Closely related: Users are confused from the Pagure/Github duality. See https://github.com/polcak/jsrestrictor/issues/194#issuecomment-1512616087. Should we explain that better in README/FAQ?
Login to comment on this ticket.