As mentioned in the weekly gsoc meeting:
Right now, we don't know that much about our users except when they file issues, since cve-bin-tool has no telemetry of any sort. I'm not super interested in building in regular telemetry because I'd rather err on the side of privacy, but we could consider doing an annual user survey to give people an optional chance to give us feedback and let us know what parts of the tool they use and where they'd like us to prioritize development.
So this thread is for discussion of what we'd want to know and why!
Some example questions to get things started
What types of component analysis do you use in cve-bin-tool? (select all that apply)
- binary scanning
- scanning of language component lists
- sbom scanning
- other (?!)
What types of output do you use?
- console
- sbom
- vex
- json
- html
- csv
- pdf
- all of the above
- I didn't even know some of these existed
Not sure how we'd publicize a survey or any of the privacy and data retention details, but step 1 is figuring out what we want to know and why because the data we want to collect will likely impact everything else in the process.
terriko added the "discussion" label (Discussion thread or meeting minutes that may not have any trivially fixable code issues associated) on Jun 12, 2024
Per our Nov 2024 meeting -- we might also want to know about geographic location and industry. We're talking about alternate ways to fund cve-bin-tool development and some grants may hinge upon showing benefit to say, users in Europe, or safety in automotive development or whatever.
Oh, and per standard privacy best practice (and also what I'd have to do before getting privacy & ethics approval to run a survey) we'd want to have
- a list of data we'd like to retain
- explanations for why this data is useful / how we intend to use it
- a retention period showing how long we want to store and use the data
I don't know how many of you have had to work with human data within a corporate or university environment, so I thought I'd just mention those expectations here in case it helps us refine what we need once we're done brainstorming!