You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Consider a crate with versions 1.0 and 1.0.1, and two reviews by trusted reviewers, one reviewing 1.0 at a medium thoroughness and undestanding, and delta review 1.0 to 1.0.1at a high thoroughness and understanding. (Probably because there were very little changes from 1.0 to 1.0.1, and the second reviewer is very confident that the README typos and clippy-indicated underscores added in numeric constants don't cause any harm).
In an application using version 1.0.1 of the crate, it shows up as passing even a verify --understanding high test -- even though only a very small portion of the code was understood that well by trusted reviewers.
I suggest that all reviews contributing to the assessment need to satisfy criteria.
(Alternatively, we could ask reviewers to never indicate a higher level than the review their base review -- but that review might not be trusted by the verifying user).
Which version are you using (eg. cargo crev --version) 0.16.1
How did you install crev (git?, cargo?, your distribution?) cargo install
What OS/platform are you running on? Debian GNU/Linux, version sid
The text was updated successfully, but these errors were encountered:
I suggest that all reviews contributing to the assessment need to satisfy criteria.
Indeed. I am aware that this is not implemented, and never got to fix it. I was planing to just travel the differential review graph to the actual full review, and consider the actual effective values as a minimum of all reviews.
Feel free to give it a shot. It shouldn't be too difficult, and after you get ahold of proofdb.rs, you can pretty much implement anything you want.
Consider a crate with versions 1.0 and 1.0.1, and two reviews by trusted reviewers, one reviewing 1.0 at a medium thoroughness and undestanding, and delta review 1.0 to 1.0.1at a high thoroughness and understanding. (Probably because there were very little changes from 1.0 to 1.0.1, and the second reviewer is very confident that the README typos and clippy-indicated underscores added in numeric constants don't cause any harm).
In an application using version 1.0.1 of the crate, it shows up as passing even a
verify --understanding high
test -- even though only a very small portion of the code was understood that well by trusted reviewers.I suggest that all reviews contributing to the assessment need to satisfy criteria.
(Alternatively, we could ask reviewers to never indicate a higher level than the review their base review -- but that review might not be trusted by the verifying user).
cargo crev --version
) 0.16.1crev
(git?, cargo?, your distribution?) cargo installThe text was updated successfully, but these errors were encountered: