| *** ctbruce has joined #trustable | 08:30 | |
| *** ChrisPolin has joined #trustable | 08:59 | |
| *** toscalix has joined #trustable | 09:07 | |
| *** sambishop has joined #trustable | 09:16 | |
| *** laurenceurhegyi has joined #trustable | 09:16 | |
| *** sambishop has quit IRC | 11:26 | |
| *** sambishop has joined #trustable | 12:17 | |
| jmacs | https://github.com/usnistgov/800-63-3 No licence yet, but could be another source of example specifications | 12:25 |
|---|---|---|
| ChrisPolin | Had we settled on gitlab for the study group wiki? | 13:04 |
| paulsherwood | yeds i believe so | 13:06 |
| ChrisPolin | Ok cool, thanks. | 13:07 |
| *** ChrisPolin has quit IRC | 13:21 | |
| *** ChrisPolin has joined #trustable | 13:54 | |
| *** brlogger has joined #trustable | 14:10 | |
| *** leeming has joined #trustable | 14:18 | |
| *** toscalix has quit IRC | 14:29 | |
| rjek | paulsherwood: wrt to your email just now, I struggle to think of one beyond "never accept code from people who have submitted entries to the Underhanded C Contest" | 14:49 |
| paulsherwood | :) | 14:50 |
| rjek | trust, IMO, is earned and I'm not sure there is a way to word a rule that could be applied to source code that would provide any judgement. | 14:51 |
| paulsherwood | my main hotspot is about provenance - be clear about who wrote the code. i don't know whether that leads to any rules that can be encoded into a standard, though | 14:51 |
| rjek | Beyond "use good version control" and "avoid copy and paste from other sources", I'm finding it difficult | 14:52 |
| rjek | But then we're into process rather than use of language | 14:53 |
| * paulsherwood thinks there could be an interesting exercise to establish a set of toplevel 'trustable software' 'requirements' and/or a compliance standard in mustard or opencontrol | 14:53 | |
| rjek | Yes, but I also think all of those would apply to all software regardless of language, and perhaps do not belong in a document that is specific to one | 14:54 |
| paulsherwood | well that's another thing i've been meaning to mention onlist - by implication can't the core concepts in the C rules be made more widely useful, for other languages? | 14:55 |
| rjek | Some, perhaps | 14:56 |
| *** sambishop has quit IRC | 14:58 | |
| jmacs | paulsherwood: Provenance can be established by requiring signed commits in git, for example | 15:00 |
| paulsherwood | ack | 15:03 |
| *** sambishop has joined #trustable | 15:20 | |
| *** sambishop has quit IRC | 15:40 | |
| *** sambishop has joined #trustable | 16:13 | |
| ChrisPolin | I've been doing a bit of reading around the mailing list before starting the gitlab wiki, couple of points before I proceed: | 16:51 |
| ChrisPolin | 1) Are we happy to call it 'Trustable C Coding Standard'? | 16:52 |
| *** toscalix has joined #trustable | 16:52 | |
| ChrisPolin | 2) Does this want a new project to itself? And if so, the project path is going through my gitlab account, do we want this? | 16:53 |
| ChrisPolin | (as opposed to using the existing trustable gitlab project, or setting up a new account for this study group?) | 16:54 |
| paulsherwood | ChrisPolin: i think Robert has the final say on what to call it | 16:54 |
| paulsherwood | if we can't even come up with an example of a 'trustable' rule... etc | 16:55 |
| paulsherwood | it can/should be done under trustable gitlab | 16:55 |
| AndrewBanks | Evening all... can't hang around but (at least in certain sectors) "Integrity" is what matters... I'm not sure that "Trustable" is a good enough hook. Ditto "Trustworthy"... | 16:56 |
| paulsherwood | AndrewBanks: hi!!! | 16:56 |
| AndrewBanks | :-) | 16:56 |
| ChrisPolin | Hi AndrewBanks | 16:56 |
| paulsherwood | i'm not worried about the hook, tbh - that's marketing | 16:56 |
| paulsherwood | this is an engineering discussion | 16:56 |
| paulsherwood | :) | 16:57 |
| ChrisPolin | Isn't the trustable.gitlab.io project open? | 16:57 |
| AndrewBanks | Indeed... personally, I like "High Integrity" which addresses process as well as language. | 16:57 |
| *** laurenceurhegyi has quit IRC | 17:00 | |
| *** ctbruce has quit IRC | 17:21 | |
| *** toscalix has quit IRC | 17:28 | |
| paulsherwood | AndrewBanks: ack, but i think that term is also much more widely circulated already | 17:41 |
| paulsherwood | ChrisPolin: yes? do you believe it not to be? | 17:42 |
| paulsherwood | jmacs: i see that mustard.trustable.io is a thing now... :-) | 17:42 |
| paulsherwood | is it pulling from a public repo? | 17:43 |
| jmacs | Yes, it's running. | 17:43 |
| ChrisPolin | Ah I resolved the issue, my concern was posting TS 17961 to an open repo, but I realised that my user privileges didn't allow me to create a project within trustable. | 17:43 |
| jmacs | It is displaying the contents of https://gitlab.com/trustable/baserock-mustard, but it doesn't pull automatically yet. | 17:43 |
| paulsherwood | ChrisPolin: try now | 17:44 |
| paulsherwood | jmacs: ack | 17:44 |
| ChrisPolin | paulsherwood, yep it's ok now, leeming upgraded my membership. | 17:45 |
| paulsherwood | ok | 17:45 |
| *** toscalix has joined #trustable | 18:02 | |
| ChrisPolin | Hi all, I've created the study group wiki under trustable. It has the longest name ever (sorry about that). | 18:19 |
| ChrisPolin | https://gitlab.com/trustable/C_Safety_and_Security_Rules_Study_Group.git | 18:20 |
| ChrisPolin | All of the content is on the wiki page, everyone on the trustable team should be able to view and edit it, but nobody else. | 18:20 |
| *** toscalix has quit IRC | 18:21 | |
| ChrisPolin | I'll put it out to the mailing list and add Robert to the team, and then he can take care of participants etc. | 18:21 |
Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!