Sashiko reviews for the LSM mailing list

Paul Moore paul at paul-moore.com
Tue Jun 16 14:11:42 UTC 2026 

On Tue, Jun 16, 2026 at 4:49 AM Mickaël Salaün <mic at digikod.net> wrote:
> On Mon, Jun 15, 2026 at 04:13:59PM -0400, Paul Moore wrote:
> > On Mon, Jun 15, 2026 at 11:41 AM Mickaël Salaün <mic at digikod.net> wrote:
> > >
> > > Hi,
> > >
> > > I've been reading Sashiko's (AI bot) reviews wrt Landlock patches, and
> > > most of them were valuable.  It found issues (security or not), but it
> > > requires to go to https://sashiko.dev to find them, which is too easy to
> > > forget, and requires additional work from maintainers to copy or point
> > > to these reviews.  I sent a PR (currently in draft) to enable email
> > > replies from Sashiko to the Linux Security Module mailing list (most
> > > patches are already reviewed anyway):
> > > https://github.com/sashiko-dev/sashiko/pull/278
> > >
> > > Making such reviews broadly available can improve the quality of patches
> > > we receive without much noise, helping for all LSM-related code.  We can
> > > fine tune some email-related settings if needed.
> > >
> > > If there are any concern or question, this is the right time to start a
> > > discussion.
> >
> > I recently enabled Sashiko for the SELinux list to trial it there
> > first, with the goal of eventually bringing this topic up for the rest
> > of the LSM folks on the LSM list.
> >
> > While I think Sashiko's review comments are generally okay, you should
> > have contacted the LSM mailing list folks *before* submitting a PR
> > that would cause an automated bot to send email to the LSM list (this
> > applies to all automated emails, not just LLM reviews).  Please hold
> > the PR until you have given people a chance to comment on the issue.
>
> As I explained just above, the PR is a draft (GitHub specific state for
> WIP), so it cannot be merged as-is, but it is useful for reviews and for
> LSM folks to get a look if they are interested.
>
> > Personally, I'm okay with it.
>
> Looks good.  What about waiting a week to get some feedback here and
> then ask for a merge of the PR?

I would suggest enabling Sashiko for the LSM list, but not enabling
the email replies at first.  This would allow people to view the
reviews and perhaps make a better informed decision.

> Anyway, it would not be written in
> stone, we can update Sashiko config with new PRs.

It is worth noting that sashiko.dev updates are not immediate, so
there is a delay between a PR being merged and it taking effect.

-- 
paul-moore.com

More information about the Linux-security-module-archive mailing list