Motivation
Bitcoin Core reviewers currently have a well-understood vocabulary for expressing opposition to a pull request.
At a high level:
- Concept NACK indicates opposition to the underlying idea or goal of a PR.
- Approach NACK indicates agreement with the goal but opposition to the proposed implementation or design.
In practice, both Concept NACKs and Approach NACKs are generally treated as strong negative review feedback. While they are not formal vetoes, maintainers typically expect substantive concerns raised in a NACK to be addressed before a PR is merged.
However, there is currently no established way to express a different kind of feedback:
"I have not identified a specific bug, design flaw, or requested change. However, based on my current understanding of the PR and the affected code, I believe the risks outweigh the benefits and would not currently prioritize additional review effort on it. If other reviewers disagree regarding the benefits and choose to continue pursuing the change, I believe the risks involved should require a higher review bar before merging."
Today, reviewers holding this type of concern are faced with three unsatisfactory options:
- Leave a NACK, which may be interpreted as a blocking objection requiring a direct response.
- Leave a general comment expressing concern, which may not clearly communicate that they believe the PR, if pursued, should face a higher merge threshold.
- Provide no review feedback at all, because their concern is about risk, uncertainty, or review effort rather than a concrete objection to the concept or approach. This results in a potentially useful review signal being lost.
This proposal introduces a dedicated term for this type of feedback.
Proposal
Introduce the term Risk NACK.
A Risk NACK is intended for situations where a reviewer has concerns about the overall risk/review-effort tradeoff of a change, but is not necessarily objecting to the proposed end state itself.
Scope and Examples
Examples where a Risk NACK might be appropriate:
- A large refactor with modest expected benefits.
- A change touching security-sensitive code where the benefits do not appear to justify the review effort required to gain confidence in it.
- A proposal involving substantial code churn for relatively small expected gains.
- A change where the reviewer is unconvinced that the expected benefits justify spending additional review resources, but acknowledges that other reviewers may reasonably disagree.
Examples where a Concept NACK or Approach NACK would be more appropriate:
- The reviewer believes the feature itself should not exist.
- The reviewer believes the resulting design is unnecessarily complex.
- The reviewer believes the resulting code will create an unreasonable maintenance burden.
- The reviewer identifies a security, correctness, or reliability concern.
- The reviewer believes the implementation approach is flawed.
A useful rule of thumb is:
If a genie could make the change safely, correctly, and with perfect review confidence, and the reviewer would still object to the result, a Concept NACK or Approach NACK is generally more appropriate. If the reviewer would accept the result in that genie-assisted world but objects to the real-world risk/review tradeoff, a Risk NACK may be appropriate.
Interpretation and Caveats
A Risk NACK would contribute negative review signal without constituting a formal veto or blocking objection. Unlike a Concept NACK or Approach NACK, a Risk NACK would not imply that the reviewer has identified a specific problem that must be addressed before merge. Rather, it communicates concern about the overall risk/benefit tradeoff of a change, and may indicate that the reviewer believes the PR should receive stronger justification, broader support, or additional review before being merged.
To be useful, a Risk NACK should be based on enough familiarity with the PR or affected area to explain the concern, and should include a rationale describing the perceived risks, the expected benefits, and why the reviewer believes the tradeoff is unfavorable. The point is not to make negative feedback easier to give without justification, but to make a particular kind of negative feedback easier to express accurately.
The exact effect of a Risk NACK would remain a matter of judgment rather than a formal rule. The primary goal of this proposal is to provide clearer vocabulary for communicating concerns.