From: Jonathan Nieder <jrnieder@gmail.com>
To: Thomas Gummerer <t.gummerer@gmail.com>
Cc: git@vger.kernel.org, "Junio C Hamano" <gitster@pobox.com>,
"Ævar Arnfjörð Bjarmason" <avarab@gmail.com>
Subject: Re: [PATCH] README: note git-security@googlegroups.com
Date: Sun, 27 May 2018 08:34:18 -0700 [thread overview]
Message-ID: <20180527153418.GG207547@aiede.svl.corp.google.com> (raw)
In-Reply-To: <20180527140433.32277-1-t.gummerer@gmail.com>
Thomas Gummerer wrote:
> Add a mention of the security mailing list to the README.
> 2caa7b8d27 ("git manpage: note git-security@googlegroups.com",
> 2018-03-08) already added it to the man page, but I suspect that for
> many developers, such as myself, the README would be the first place
> to go looking for it.
>
> Use the same wording as we already have on the git-scm.com website and
> in the man page.
>
> Signed-off-by: Thomas Gummerer <t.gummerer@gmail.com>
> ---
> README.md | 3 +++
> 1 file changed, 3 insertions(+)
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
> 2caa7b8d27 ("git manpage: note git-security@googlegroups.com",
> 2018-03-08) also mentions SubmittingPatches, but I think people are
> much more likely to submit a report of a security issue first, rather
> than sending a patch, for which I think the README is more useful.
I don't see a mention of SubmittingPatches in "git show 2caa7b8d27"
output. git help git tells me:
Report bugs to the Git mailing list <git@vger.kernel.org>
where the development and maintenance is primarily done. You
do not have to be subscribed to the list to send a message
there.
Issues which are security relevant should be disclosed
privately to the Git Security mailing list
<git-security@googlegroups.com>.
Do you mean that the discussion around that change suggested updating
SubmittingPatches too? The "Sending your patches" section indeed
mentions git@vger.kernel.org, so a mention of the security list would
indeed be welcome there, even though typically the discussion has
already started there before a patch is written.
Thanks,
Jonathan
next prev parent reply other threads:[~2018-05-27 15:34 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-05-27 14:04 [PATCH] README: note git-security@googlegroups.com Thomas Gummerer
2018-05-27 15:34 ` Jonathan Nieder [this message]
2018-05-27 21:08 ` [PATCH 2/1] SubmittingPatches: not git-security@googlegroups.com Thomas Gummerer
2018-05-28 3:00 ` Junio C Hamano
2018-05-29 18:02 ` Thomas Gummerer
2018-05-29 18:05 ` Thomas Gummerer
2018-05-29 19:53 ` brian m. carlson
2018-05-30 20:52 ` [PATCH v2 1/2] SubmittingPatches: replace numbered attributes with names Thomas Gummerer
2018-05-30 20:52 ` [PATCH v2 2/2] note git-security@googlegroups.com in more places Thomas Gummerer
2018-05-30 23:37 ` brian m. carlson
2018-05-31 19:22 ` Thomas Gummerer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180527153418.GG207547@aiede.svl.corp.google.com \
--to=jrnieder@gmail.com \
--cc=avarab@gmail.com \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=t.gummerer@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).