CPAN-Security / cpan-advisory-database


triage of the day #9

Closed garu closed 8 months ago

Tux commented 8 months ago

Don't you want the ymls kept in some archive, so people can view them? The triage moved them to false positives, but now I cannot verify.

garu commented 8 months ago

Don't you want the ymls kept in some archive, so people can view them? The triage moved them to false positives, but now I cannot verify.

@Tux verification, in my opinion, should be done during the PR approval process, in which case it is available simply by clicking on the "files changed" link or, on the terminal, by git diffing the branch against main. After that, the false positive is of little use to us, right? Even though it is still reachable via git log -p on the terminal or by checking the closed PR.

Please share if you have any thoughts on this, I'm very open to changes in the current pipeline, especially during this initial stage - now is the time :D

Tux commented 8 months ago

My head is now in a fuzzy state: one part thinks it would be good to have those in an "active" folder for easy perusal and to easily see why a report is a false positive and to learn from it. The other part is 100% in agreement with the fact that it is enough to have it available in git. Consider me blank on this.