[ros-dev] Propose standards for the audit

[Casper Hornstrup]

> Yes, found that page right after I pressed "Send"... I'll use that page
> and
> tag the items with "F:" (for fast-track). If anyone disagrees with the
> classification, we can discuss it here, if in a few days there are no
> objections we can start moving the stuff over.
> 
> How are we going to keep track of the audit results? An audit is not very
> useful without an audit trail. My proposal is to add a "doc" property to
> appropriate directories in the code tree and use that to document how the
> code there was audited. This "doc" property could contain e.g. a short
> note
> like "rbuild was developed specifically for ReactOS, there is no non-free
> code from which it could have been reverse engineered" or it could point
> to
> a document stored elsewhere in svn providing more detail. I'm proposing
> "doc" as the name for the property and not "audit", "rev-eng" or something
> like that to keep it generic and set that property as the standard for
> future code development too.

Sounds good. There is a convention to prefix property names so it should be
ros:doc.

> 
> How do we determine if someone is qualified or not to do an audit of a
> component? I did some work on freeldr, does that make me qualified 'cause
> I
> know what I'm talking about or am I not qualified because I'm not
> independent?
> 
> GvG

There was talk of two developers auditing the same code. I would trust
people to follow the guidelines and thus say you are qualified to audit
freeloader because 'you know what you are talking about' ;-)

Casper