freemarker-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ddek...@apache.org
Subject incubator-freemarker-site git commit: Added section about handling security vulnerabilities to the Comitter how-to.
Date Mon, 23 Jan 2017 14:30:12 GMT
Repository: incubator-freemarker-site
Updated Branches:
  refs/heads/asf-site a1a6f5268 -> b8fcfd91d


Added section about handling security vulnerabilities to the Comitter how-to.


Project: http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/commit/b8fcfd91
Tree: http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/tree/b8fcfd91
Diff: http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/diff/b8fcfd91

Branch: refs/heads/asf-site
Commit: b8fcfd91d77266a61b63b22310b53571dbeabcbc
Parents: a1a6f52
Author: ddekany <ddekany@apache.org>
Authored: Mon Jan 23 15:30:03 2017 +0100
Committer: ddekany <ddekany@apache.org>
Committed: Mon Jan 23 15:30:03 2017 +0100

----------------------------------------------------------------------
 committer-howto.html                 | 23 +++++++++++++++++++++--
 report-security-vulnerabilities.html | 13 +++++++------
 toc.js                               | 10 +++++++++-
 3 files changed, 37 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/blob/b8fcfd91/committer-howto.html
----------------------------------------------------------------------
diff --git a/committer-howto.html b/committer-howto.html
index 61bf093..9c03238 100644
--- a/committer-howto.html
+++ b/committer-howto.html
@@ -42,7 +42,7 @@ ga('send', 'pageview');
 <h1 class="content-header header-section1" id="committer-howto" itemprop="headline">Committer
how-to</h1>
 </div></div><div class="page-menu">
 <div class="page-menu-title">Page Contents</div>
-<ul><li><a class="page-menu-link" href="#git-commit-policy" data-menu-target="git-commit-policy">Git
commit policies</a></li><li><a class="page-menu-link" href="#merging-pull-request"
data-menu-target="merging-pull-request">Merging in pull requests from GitHub</a></li><li><a
class="page-menu-link" href="#close-pull-request-without-merging" data-menu-target="close-pull-request-without-merging">Closing
GitHub pull requests without merging</a></li><li><a class="page-menu-link"
href="#making-releases" data-menu-target="making-releases">Making releases</a></li><li><a
class="page-menu-link" href="#updating-homepage" data-menu-target="updating-homepage">Updating
the FreeMarker home page</a></li><li><a class="page-menu-link" href="#updating-docgen"
data-menu-target="updating-docgen">Updating Docgen</a></li><li><a
class="page-menu-link" href="#edit-docbook" data-menu-target="edit-docbook">Regarding editing
the Manual and the Site DocBook</a></li></ul> </div><p><em>This
page applies to Commit
 ters only, not to usual
+<ul><li><a class="page-menu-link" href="#git-commit-policy" data-menu-target="git-commit-policy">Git
commit policies</a></li><li><a class="page-menu-link" href="#merging-pull-request"
data-menu-target="merging-pull-request">Merging in pull requests from GitHub</a></li><li><a
class="page-menu-link" href="#close-pull-request-without-merging" data-menu-target="close-pull-request-without-merging">Closing
GitHub pull requests without merging</a></li><li><a class="page-menu-link"
href="#making-releases" data-menu-target="making-releases">Making releases</a></li><li><a
class="page-menu-link" href="#updating-homepage" data-menu-target="updating-homepage">Updating
the FreeMarker home page</a></li><li><a class="page-menu-link" href="#updating-docgen"
data-menu-target="updating-docgen">Updating Docgen</a></li><li><a
class="page-menu-link" href="#edit-docbook" data-menu-target="edit-docbook">Regarding editing
the Manual and the Site DocBook</a></li><li><a class="page-menu-link"
href="#handle-se
 curity-vulnerabilities" data-menu-target="handle-security-vulnerabilities">Dealing with
security vulnerabilities</a></li></ul> </div><p><em>This
page applies to Committers only, not to usual
       contributors.</em> A Committer is a person with extra rights who
       receives his status via invitation. You don&#39;t need to be a Committer to
       contribute, anyone can fork and send pull requests on Github; see more
@@ -618,11 +618,30 @@ ga('send', 'pageview');
         <code class="inline-code">src/manual/en_US/docgen-help/editors-readme.txt</code>
in
         the <code class="inline-code">freemarker</code> repository. About the
same guide
         lines apply to the site DocBook as well.</p>
+      
+        
+
+
+
+<h2 class="content-header header-section2" id="handle-security-vulnerabilities">Dealing
with security vulnerabilities</h2>
+
+
+        <p>If someone reports a security vulnerability, normally he
+        shouldn&#39;t do it on a public forum (<a href="report-security-vulnerabilities.html">see
how to report it
+        here</a>), and similarly we shouldn&#39;t discuss it on a public forum
+        (such as on the developer mailing list), but on the private mailing
+        list of the project. Thus the vulnerability can be fixed and released
+        before it&#39;s openly discussed. As a developer, you must not forget that
+        commits are also publicly visible. How to commit, release, and
+        communicate a concrete vulnerability should be discussed on the
+        private mailing lists of the project before doing publicly visible
+        moves. See <a href="https://www.apache.org/security/committers.html">this
+        page</a> for further guidelines.</p>
       </div></div>      </div>
     </div>
 <div class="site-footer"><div class="site-width"><div class="footer-top"><div
class="col-left sitemap"><div class="column"><h3 class="column-header">Overview</h3><ul><li><a
href="index.html">What is FreeMarker?</a></li><li><a href="freemarkerdownload.html">Download</a></li><li><a
href="docs/app_versions.html">Version history</a></li><li><a href="history.html">About
us</a></li><li><a itemprop="license" href="docs/app_license.html">License</a></li></ul></div><div
class="column"><h3 class="column-header">Handy stuff</h3><ul><li><a
href="http://freemarker-online.kenshoo.com/">Try template online</a></li><li><a
href="docs/dgui_template_exp.html#exp_cheatsheet">Expressions cheatsheet</a></li><li><a
href="docs/ref_directive_alphaidx.html">#directives</a></li><li><a
href="docs/ref_builtins_alphaidx.html">?built_ins</a></li><li><a href="docs/ref_specvar.html">.special_vars</a></li></ul></div><div
class="column"><h3 class="column-header">Community</h3><ul><li><a
href="https://github.com/apach
 e/incubator-freemarker">FreeMarker on Github</a></li><li><a href="https://twitter.com/freemarker">Follow
us on Twitter</a></li><li><a href="https://issues.apache.org/jira/browse/FREEMARKER/">Report
a bug</a></li><li><a href="http://stackoverflow.com/questions/ask?tags=freemarker">Ask
a question</a></li><li><a href="mailing-lists.html">Mailing lists</a></li></ul></div></div><div
class="col-right"><ul class="social-icons"><li><a class="github" href="https://github.com/apache/incubator-freemarker">GitHub</a></li><li><a
class="twitter" href="https://twitter.com/freemarker">Twitter</a></li><li><a
class="stack-overflow" href="http://stackoverflow.com/questions/ask?tags=freemarker">Stack
Overflow</a></li></ul><a class="xxe" href="http://www.xmlmind.com/xmleditor/"
rel="nofollow" title="Edited with XMLMind XML Editor"><span>Edited with XMLMind XML
Editor</span></a></div></div><div class="footer-bottom"> <p
class="last-generated">
 Last generated:
-<time itemprop="dateModified" datetime="2017-01-23T13:41:35Z" title="Monday, January 23,
2017 1:41:35 PM GMT">2017-01-23 13:41:35 GMT</time> </p>
+<time itemprop="dateModified" datetime="2017-01-23T14:28:57Z" title="Monday, January 23,
2017 2:28:57 PM GMT">2017-01-23 14:28:57 GMT</time> </p>
 <p class="copyright">
 © <span itemprop="copyrightYear">1999</span>–2017
 <a itemtype="http://schema.org/Organization" itemprop="copyrightHolder" href="http://apache.org/">The
Apache Software Foundation</a>. Apache FreeMarker, FreeMarker, Apache Incubator, Apache,
the Apache FreeMarker logo are trademarks of The Apache Software Foundation. </p>

http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/blob/b8fcfd91/report-security-vulnerabilities.html
----------------------------------------------------------------------
diff --git a/report-security-vulnerabilities.html b/report-security-vulnerabilities.html
index ad06d96..54a410b 100644
--- a/report-security-vulnerabilities.html
+++ b/report-security-vulnerabilities.html
@@ -3,12 +3,12 @@
 <html lang="en" class="page-type-section">
 <head prefix="og: http://ogp.me/ns#">
 <meta charset="utf-8">
-<title>Report security vulnerabilities - Apache FreeMarker</title>
+<title>Report security vulnerability - Apache FreeMarker</title>
 <meta http-equiv="X-UA-Compatible" content="IE=edge">
 <meta name="viewport" content="width=device-width,initial-scale=1">
 <meta name="format-detection" content="telephone=no">
 <meta property="og:site_name" content="Apache FreeMarker">
-<meta property="og:title" content="Report security vulnerabilities">
+<meta property="og:title" content="Report security vulnerability">
 <meta property="og:locale" content="en_US">
 <meta property="og:url" content="http://freemarker.org/report-security-vulnerabilities.html">
 <link rel="canonical" href="http://freemarker.org/report-security-vulnerabilities.html">
@@ -34,12 +34,12 @@ ga('send', 'pageview');
 </a><ul class="tabs"><li class="current"><a href="index.html">Home</a></li><li><a
href="docs/index.html">Manual</a></li><li><a class="external" href="docs/api/index.html">Java
API</a></li></ul><ul class="secondary-tabs"><li><a class="tab
icon-heart" href="contribute.html" title="Contribute"><span>Contribute</span></a></li><li><a
class="tab icon-bug" href="https://issues.apache.org/jira/browse/FREEMARKER/" title="Report
a Bug"><span>Report a Bug</span></a></li><li><a class="tab
icon-download" href="freemarkerdownload.html" title="Download"><span>Download</span></a></li></ul></div></div>
   <div class="main-content site-width">
       <div class="content-wrapper">
   <div id="table-of-contents-wrapper" class="col-left">
-      <script>var breadcrumb = ["Apache FreeMarker","Community","Report security vulnerabilities"];</script>
+      <script>var breadcrumb = ["Apache FreeMarker","Community","Report security vulnerability"];</script>
       <script src="toc.js"></script>
       <script src="docgen-resources/main.min.js"></script>
   </div>
 <div class="col-right"><div class="page-content"><div class="page-title"><div
class="title-wrapper">
-<h1 class="content-header header-section1" id="report-security-vulnerabilities" itemprop="headline">Report
security vulnerabilities</h1>
+<h1 class="content-header header-section1" id="report-security-vulnerabilities" itemprop="headline">Report
security vulnerability</h1>
 </div></div><p>We strongly encourage to report security vulnerabilities
to our
       private mailing list first, rather than disclosing them in a public
       forum. The private security mailing address is: <a href="mailto:private@freemarker.incubator.apache.org">private@freemarker.incubator.apache.org</a></p><p>Please
note that this mailing list should only be used for
@@ -47,11 +47,12 @@ ga('send', 'pageview');
       managing the process of fixing such vulnerabilities. We cannot accept
       regular bug reports or other queries at this address.</p><p>If you want
to report a bug that isn&#39;t an undisclosed security
       vulnerability, please use <a href="https://issues.apache.org/jira/browse/FREEMARKER/">our
regular
-      bug tracker</a>.</p></div></div>      </div>
+      bug tracker</a>.</p><p>Committers should <a href="committer-howto.html#handle-security-vulnerabilities">see
here</a> how to handle
+      reported security vulnerabilities.</p></div></div>      </div>
     </div>
 <div class="site-footer"><div class="site-width"><div class="footer-top"><div
class="col-left sitemap"><div class="column"><h3 class="column-header">Overview</h3><ul><li><a
href="index.html">What is FreeMarker?</a></li><li><a href="freemarkerdownload.html">Download</a></li><li><a
href="docs/app_versions.html">Version history</a></li><li><a href="history.html">About
us</a></li><li><a itemprop="license" href="docs/app_license.html">License</a></li></ul></div><div
class="column"><h3 class="column-header">Handy stuff</h3><ul><li><a
href="http://freemarker-online.kenshoo.com/">Try template online</a></li><li><a
href="docs/dgui_template_exp.html#exp_cheatsheet">Expressions cheatsheet</a></li><li><a
href="docs/ref_directive_alphaidx.html">#directives</a></li><li><a
href="docs/ref_builtins_alphaidx.html">?built_ins</a></li><li><a href="docs/ref_specvar.html">.special_vars</a></li></ul></div><div
class="column"><h3 class="column-header">Community</h3><ul><li><a
href="https://github.com/apach
 e/incubator-freemarker">FreeMarker on Github</a></li><li><a href="https://twitter.com/freemarker">Follow
us on Twitter</a></li><li><a href="https://issues.apache.org/jira/browse/FREEMARKER/">Report
a bug</a></li><li><a href="http://stackoverflow.com/questions/ask?tags=freemarker">Ask
a question</a></li><li><a href="mailing-lists.html">Mailing lists</a></li></ul></div></div><div
class="col-right"><ul class="social-icons"><li><a class="github" href="https://github.com/apache/incubator-freemarker">GitHub</a></li><li><a
class="twitter" href="https://twitter.com/freemarker">Twitter</a></li><li><a
class="stack-overflow" href="http://stackoverflow.com/questions/ask?tags=freemarker">Stack
Overflow</a></li></ul><a class="xxe" href="http://www.xmlmind.com/xmleditor/"
rel="nofollow" title="Edited with XMLMind XML Editor"><span>Edited with XMLMind XML
Editor</span></a></div></div><div class="footer-bottom"> <p
class="last-generated">
 Last generated:
-<time itemprop="dateModified" datetime="2017-01-23T13:41:35Z" title="Monday, January 23,
2017 1:41:35 PM GMT">2017-01-23 13:41:35 GMT</time> </p>
+<time itemprop="dateModified" datetime="2017-01-23T14:28:57Z" title="Monday, January 23,
2017 2:28:57 PM GMT">2017-01-23 14:28:57 GMT</time> </p>
 <p class="copyright">
 © <span itemprop="copyrightYear">1999</span>–2017
 <a itemtype="http://schema.org/Organization" itemprop="copyrightHolder" href="http://apache.org/">The
Apache Software Foundation</a>. Apache FreeMarker, FreeMarker, Apache Incubator, Apache,
the Apache FreeMarker logo are trademarks of The Apache Software Foundation. </p>

http://git-wip-us.apache.org/repos/asf/incubator-freemarker-site/blob/b8fcfd91/toc.js
----------------------------------------------------------------------
diff --git a/toc.js b/toc.js
index b9f29a3..3e30405 100644
--- a/toc.js
+++ b/toc.js
@@ -104,7 +104,7 @@ var toc = {
 }
 ,
 {
-"title": "Report security vulnerabilities",
+"title": "Report security vulnerability",
 "url": "report-security-vulnerabilities.html",
 "isFile": true,
 "children": [
@@ -226,6 +226,14 @@ var toc = {
 "children": [
 ]
 }
+,
+{
+"title": "Dealing with security vulnerabilities",
+"url": "committer-howto.html#handle-security-vulnerabilities",
+"isFile": false,
+"children": [
+]
+}
 ]
 }
 ]


Mime
View raw message