[postgis-devel] PSC Vote add a security at postgis.net

[Regina Obe]

Too Darafei's note -- regarding this -- I think the ticket if it is CVE worthy would eventually make it into our trac repo with no personal identifiable information.

The purpose of what I see a special repo would be to hold artifacts like special scripts and data we might store.

I think mixing it in trac which is public (even with a sensitivity plugin) would be confusing and too prone to someone accidentally removing the sensitivity mark.

-----Original Message-----
From: Regina Obe [mailto:lr at pcorp.us] 
Sent: Saturday, December 7, 2019 8:29 AM
To: 'PostGIS Development Discussion' <postgis-devel at lists.osgeo.org>
Subject: RE: [postgis-devel] PSC Vote add a security at postgis.net

I'd rather have a separate repo on gitea for it.  And I propose we don't even bother creating one until we get our first security email that requires it.

Thanks,
Regina

-----Original Message-----
From: postgis-devel [mailto:postgis-devel-bounces at lists.osgeo.org] On Behalf Of Sandro Santilli
Sent: Saturday, December 7, 2019 6:28 AM
To: PostGIS Development Discussion <postgis-devel at lists.osgeo.org>
Subject: Re: [postgis-devel] PSC Vote add a security at postgis.net

On Fri, Dec 06, 2019 at 12:29:38PM -0500, Regina Obe wrote:
> Sensible issues.  We have unsensible issues? 

This is the Trac plugin, if we want to keep all tickets in one place:
https://trac-hacks.org/wiki/SensitiveTicketsPlugin

It seems to be active (last commit on Nov 23, 2019)

--strk;
_______________________________________________
postgis-devel mailing list
postgis-devel at lists.osgeo.org
https://lists.osgeo.org/mailman/listinfo/postgis-devel