ruff: initial integration #11471
ruff: initial integration #11471
Conversation
|
manunio is integrating a new project: |
|
@manunio, the authors have mentioned that they do not yet wish to integrate Ruff as the existing fuzzers and this one are finding lots of issues that are not desirable to fix. I have previously communicated with them separately about OSS-Fuzz integration and they are not for it presently. 🙂 As an aside, the relevant issue tracking this is: astral-sh/ruff#4972 (incomplete list of issues found by fuzzers that need to be resolved before integration is considered) @qarmin should also be involved in the initial integration, as he has contributed by far the most fuzzing-discovered issues. CC: @charliermarsh (project lead) for comment here as well. |
@addisoncrump Thanks for the update, will keep this pr here as a draft, in-case they are interested at later time. |
|
Very well. @qarmin and I have both spent several months of effort on fuzzing, categorising issues, and assisting with resolution. Put bluntly, it would be inappropriate to integrate our work without consulting us, especially if your goal (as I suspect) is to apply for rewards. If the Ruff team ever decides to integrate, the three of us need to have a conversation separately about this. In the future, you should really discuss this (privately or publicly) with the relevant code owners. This is not how I wanted to broach this conversation. As an aside, the listed vendor ccs should also include:
|
@addisoncrump you are free to go ahead with integration, I have not asked the ruff team yet before your comment, infact I can't go ahead with integration unless I have explicit permission from ruff authors. I was going to ask ruff team today about what they wish to do here, i'll close this pr and ruff's pr and please go ahead with your own pr :) |
|
That's not what I was suggesting... this PR (as well as your fuzzer which you just closed separately) is fine, we just need to have a conversation before this happens. I am not trying to dissuade you from integrating, I am pointing out that a) I have already spoken to the developers and wanted to share what they have previously told me, and b) it was a little inconsiderate to open this without speaking to any of the other folks working on fuzzing this target already. That doesn't mean you need to close this issue, or the fuzzer upstream which has already also found bugs. We just need to collaborate going forward. |
@addisoncrump I think it's better for me to close this pr(as you are right, i can't integrate your work) and keep will upstream pr open, sorry for the confusion and not making things clear earlier, please feel free to open a pr here, when you receive permission upstream :) |
|
Okay. If the Ruff team ever decides to integrate with OSS-Fuzz, let's open a PR again. |
No description provided.