Hello! I’m actively working on fuzzing work related to the zipfile and tarfile modules and noticed that our fuzzer definitions and corpuses for standard library modules are currently under hugovk/python-library-fuzzers. @hugovk graciously picked up where the previous maintainer left off after deleting their repositories.
I wanted to propose moving this repository under the Python GitHub organization so that more folks can contribute and review the changes proposed to the repository. This would put the fuzzers/corpuses for libraries in line with what we have today for the CPython language and modules which currently live in python/cpython under _xxtestfuzz.
I recommend recreating the repository without using GitHub’s transfer mechanism, instead manually creating a new repository and pushing the full commit history avoid GitHub commit SHA resolution weirdness, since the intent is to run code in this repository in our CI. After this is completed I can submit pull requests to our OSS-Fuzz configuration to point to the new location.
I think this makes sense and it’s a good idea. Centralising these under a common umbrella will certainly help with discovery and hopefully will converge efforts
Yes definitely, I was planning on adding information to the README including how to add new fuzzers and do local development. edit: I’ve created a README in this pull request.
Okay, this discussion seems to be simmering down to a positive feeling about migrating the python-library-fuzzers repository to the org. What is the next step for this sort of request, I assume I can contact a GitHub admin to take the necessary actions?
Before adding a new repository to the organization, open a discussion to seek consensus in the Committers Discourse category. Once people are satisfied with that, ask the Python steering council to grant permission.
