X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=doc%2Ffeedback.but;h=e0854fc54311d930c41b2fb15c54a1d76009d16c;hb=359b5c8eb45ff56c62032cf147fcdb3723d54324;hp=fadc00784c0196f5e1707154a87137b94d6671dc;hpb=e22daa87c2b0f045be278f750f0b65faee2fac9a;p=PuTTY.git diff --git a/doc/feedback.but b/doc/feedback.but index fadc0078..e0854fc5 100644 --- a/doc/feedback.but +++ b/doc/feedback.but @@ -1,6 +1,4 @@ -\versionid $Id: feedback.but,v 1.20 2004/11/15 15:57:28 jacob Exp $ - -\A{feedback} Feedback and bug reporting +\A{feedback} \ii{Feedback} and \i{bug reporting} This is a guide to providing feedback to the PuTTY development team. It is provided as both a web page on the PuTTY site, and an appendix @@ -26,7 +24,7 @@ recommend you do so. In particular, support requests (\k{feedback-support}) are probably better sent to newsgroups, or passed to a local expert if possible. -The PuTTY contact email address is a private mailing list containing +The PuTTY contact email address is a private \i{mailing list} containing four or five core developers. Don't be put off by it being a mailing list: if you need to send confidential data as part of a bug report, you can trust the people on the list to respect that confidence. @@ -52,6 +50,9 @@ the URL; that way, we don't have to download it unless we decide we actually need it, and only one of us needs to download it instead of it being automatically copied to all the developers. +(If the file contains confidential information, then you could encrypt +it with our Secure Contact Key; see \k{pgpkeys-pubkey} for details.) + Some people like to send mail in MS Word format. Please \e{don't} send us bug reports, or any other mail, as a Word document. Word documents are roughly fifty times larger than writing the same @@ -98,6 +99,9 @@ specific to using the SSH protocol; \b \W{news:comp.terminals}\c{comp.terminals}, for issues relating to terminal emulation (for instance, keyboard problems). +Please use the newsgroup most appropriate to your query, and remember +that these are general newsgroups, not specifically about PuTTY. + If you don't have direct access to Usenet, you can access these newsgroups through Google Groups (\W{http://groups.google.com/}\cw{groups.google.com}). @@ -119,7 +123,7 @@ will say so.) \b Check the \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html}{Change Log} on the PuTTY website, and see if we have already fixed the bug -in the development snapshots. +in the \i{development snapshots}. \b Check the \W{http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html}{FAQ} @@ -140,9 +144,9 @@ If none of those options solved your problem, and you still need to report a bug to us, it is useful if you include some general information: -\b Tell us what version of PuTTY you are running. To find this out, -use the "About PuTTY" option from the System menu. Please \e{do not} -just tell us \q{I'm running the latest version}; e-mail can be +\b Tell us what \i{version of PuTTY} you are running. To find this out, +use the \q{About PuTTY} option from the System menu. Please \e{do +not} just tell us \q{I'm running the latest version}; e-mail can be delayed and it may not be obvious which version was the latest at the time you sent the message. @@ -177,7 +181,7 @@ avoid this problem by telling us exactly what you think it should have done, and exactly what it did do. \b If you think you can, you're welcome to try to fix the problem -yourself. A patch to the code which fixes a bug is an excellent +yourself. A \i{patch} to the code which fixes a bug is an excellent addition to a bug report. However, a patch is never a \e{substitute} for a good bug report; if your patch is wrong or inappropriate, and you haven't supplied us with full information about the actual bug, @@ -200,6 +204,20 @@ will explain what you need to know. \e{Then}, if you think the documentation could usefully have told you that, send us a bug report and explain how you think we should change it. +\H{feedback-vulns} Reporting security vulnerabilities + +If you've found a security vulnerability in PuTTY, you might well want +to notify us using an encrypted communications channel, to avoid +disclosing information about the vulnerability before a fixed release +is available. + +For this purpose, we provide a GPG key suitable for encryption: the +Secure Contact Key. See \k{pgpkeys-pubkey} for details of this. + +(Of course, vulnerabilities are also bugs, so please do include as +much information as possible about them, the same way you would with +any other bug report.) + \H{feedback-features} Requesting extra features If you want to request a new feature in PuTTY, the very first things @@ -242,7 +260,9 @@ if you confer with us first; there may be design issues you haven't thought of, or we may be about to make big changes to the code which your patch would clash with, or something. If you check with the maintainers first, there is a better chance of your code actually -being usable. +being usable. Also, read the design principles listed in \k{udp}: if +you do not conform to them, we will probably not be able to accept +your patch. \H{feedback-feature-priority} Requesting features that have already been requested @@ -275,7 +295,7 @@ high-quality software to the users comes first.) way to get a feature implemented quickly, if it's a big one that we don't have time to do ourselves. -\H{feedback-support} Support requests +\H{feedback-support} \ii{Support requests} If you're trying to make PuTTY do something for you and it isn't working, but you're not sure whether it's a bug or not, then @@ -317,7 +337,7 @@ time to answer it. \H{feedback-webadmin} Web server administration -If the PuTTY web site is down (Connection Timed Out), please don't +If the PuTTY \i{web site} is down (Connection Timed Out), please don't bother mailing us to tell us about it. Most of us read our e-mail on the same machines that host the web site, so if those machines are down then we will notice \e{before} we read our e-mail. So there's @@ -354,29 +374,43 @@ and ask. Just go ahead and do it. We don't mind. (If you want to distribute PuTTY alongside your own application for use with that application, or if you want to distribute PuTTY within -your own organisation, then we recommend you offer your own -first-line technical support, to answer questions about the -interaction of PuTTY with your environment. If your users mail us -directly, we won't be able to tell them anything useful about your -specific setup.) +your own organisation, then we recommend, but do not insist, that +you offer your own first-line technical support, to answer questions +about the interaction of PuTTY with your environment. If your users +mail us directly, we won't be able to tell them anything useful about +your specific setup.) If you want to use parts of the PuTTY source code in another program, then it might be worth mailing us to talk about technical details, but if all you want is to ask permission then you don't need to bother. You already have permission. +If you just want to link to our web site, just go ahead. (It's not +clear that we \e{could} stop you doing this, even if we wanted to!) + \H{feedback-mirrors} Mirroring the PuTTY web site -Mirrors of the PuTTY web site are welcome, especially in regions not -well covered by existing mirrors. Please don't bother asking us for -permission before setting up a mirror. You already have permission. We -are always happy to have more mirrors. +\# the next two paragraphs also on the Mirrors page itself, with +\# minor context changes + +If you want to set up a mirror of the PuTTY website, go ahead and +set one up. Please don't bother asking us for permission before +setting up a mirror. You already have permission. + +If the mirror is in a country where we don't already have plenty of +mirrors, we may be willing to add it to the list on our +\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{mirrors +page}. Read the guidelines on that page, make sure your mirror +works, and email us the information listed at the bottom of the +page. + +Note that we do not \e{promise} to list your mirror: we get a lot of +mirror notifications and yours may not happen to find its way to the +top of the list. -If you mail us \e{after} you have set up the mirror and checked that -it works, and remember to let us know which country your mirror is in, -then we'll add it to the -\W{http://www.chiark.greenend.org.uk/~sgtatham/putty/mirrors.html}{Mirrors -page} on the PuTTY website. +Also note that we link to all our mirror sites using the +\c{rel="nofollow"} attribute. Running a PuTTY mirror is not intended +to be a cheap way to gain search rankings. If you have technical questions about the process of mirroring, then you might want to mail us before setting up the mirror (see also the