Sashiko reviews for the LSM mailing list

Tue Jun 16 23:05:39 UTC 2026

Mickaël Salaün <mic at digikod.net> writes:

> On Tue, Jun 16, 2026 at 10:11:42AM -0400, Paul Moore wrote:
>> On Tue, Jun 16, 2026 at 4:49 AM Mickaël Salaün <mic at digikod.net> wrote:
>> > On Mon, Jun 15, 2026 at 04:13:59PM -0400, Paul Moore wrote:
>> > > On Mon, Jun 15, 2026 at 11:41 AM Mickaël Salaün <mic at digikod.net> wrote:
>> > > >
>> > > > Hi,
>> > > >
>> > > > I've been reading Sashiko's (AI bot) reviews wrt Landlock patches, and
>> > > > most of them were valuable.  It found issues (security or not), but it
>> > > > requires to go to https://sashiko.dev to find them, which is too easy to
>> > > > forget, and requires additional work from maintainers to copy or point
>> > > > to these reviews.  I sent a PR (currently in draft) to enable email
>> > > > replies from Sashiko to the Linux Security Module mailing list (most
>> > > > patches are already reviewed anyway):
>> > > > https://github.com/sashiko-dev/sashiko/pull/278
>> > > >
>> > > > Making such reviews broadly available can improve the quality of patches
>> > > > we receive without much noise, helping for all LSM-related code.  We can
>> > > > fine tune some email-related settings if needed.
>> > > >
>> > > > If there are any concern or question, this is the right time to start a
>> > > > discussion.
>> > >
>> > > I recently enabled Sashiko for the SELinux list to trial it there
>> > > first, with the goal of eventually bringing this topic up for the rest
>> > > of the LSM folks on the LSM list.
>> > >
>> > > While I think Sashiko's review comments are generally okay, you should
>> > > have contacted the LSM mailing list folks *before* submitting a PR
>> > > that would cause an automated bot to send email to the LSM list (this
>> > > applies to all automated emails, not just LLM reviews).  Please hold
>> > > the PR until you have given people a chance to comment on the issue.
>> >
>> > As I explained just above, the PR is a draft (GitHub specific state for
>> > WIP), so it cannot be merged as-is, but it is useful for reviews and for
>> > LSM folks to get a look if they are interested.
>> >
>> > > Personally, I'm okay with it.
>> >
>> > Looks good.  What about waiting a week to get some feedback here and
>> > then ask for a merge of the PR?
>> 
>> I would suggest enabling Sashiko for the LSM list, but not enabling
>> the email replies at first.  This would allow people to view the
>> reviews and perhaps make a better informed decision.

I just did this: 611f4cd410d9a7f7ad923a068a6ced455e3a244e , for enabling
reviews I don't really need maintainers consensus. (I might roll it out
a bit later)

But when it comes to email policy I do, so I'll just sit and wait here.

Thanks