This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Add more maintainers #2089
Comments
|
Fully agree with this. As it appears, the intended goal of capstone is to provide a full-featured, stable and up to date disassembler library for the most common architectures. But this has been shown to be impossible with the current maintenance strategy. As a concrete example, in 2018, Apple started to use PAC on iOS and in 2020 switched the primary architecture for macOS to arm64 with all binaries from Apple including the kernel and dyldcache, both highly important to be able to disassemble for security research, full of PAC instructions. Adding @kabeor to the team greatly improved the situation, as shown by the aforementioned capstone 5 release. But cs5 still contains major regressions that only appear now that many projects are switching to it, due to a lack of continuous testing, so it is not enough to stop here. |
|
Hi guys, you know what? I am really do my best to push the whole contribution process. You can see that I wanted to release v5 last year. However, every open source community has its own most carefully things. For example, Capstone cares about stability and compatibility. So how to balance this with new features? The answer is more closer code review. Honestly, I really welcome more brilliant people like you guys can join the maintenance team. But how to control the code quality by multi maintainers? I hope we can talk about this here. Besides, @aquynh has some unique ideas or thoughts. All in all, I am always thinking how to balance these all at the same time? If there's any suggestion, I appreciate a lot. By the way, I asked @aquynh this morning and he said he will give some feedbacks to #1949 today night. Or I will ask again. |
We do very much appreciate this!
I suggest to add more (strict) guidelines and enforce them with the CI. E.g. adding linter checks and proper testing to the CI. This way each contribute can directly see on their own if something breaks the current state. Without any interaction from maintainers. Reviewers then only must check for things things which require deeper code base knowledge.
The following is a little offtopic. Feel free to move it to another issue. The
Capstone might was build with stability in mind (which is great), but the non-auto-sync way of updating just doesn't allow stability and up-to-dateness in the long run. But those changes need more maintainers as well. Just to get all archs as quickly as possible in sync with LLVM (if possible). |
|
Any decision on this yet? |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
It's obviously clear that current maintainers struggle reacting timely to PRs and issues. I propose to extend the team.
@aquynh @kabeor
The text was updated successfully, but these errors were encountered: