Quantcast

Security Ticket Keyword

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Security Ticket Keyword

Zero King
Do we have a way to mark tickets fixing security vulnerabilities?


--
Best regards,
Zero King

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Security Ticket Keyword

Mojca Miklavec-2
On 6 March 2017 at 15:41, Zero King <[hidden email]> wrote:
> Do we have a way to mark tickets fixing security vulnerabilities?

On GitHub or Trac?

On GitHub I made a label "security fix" (which you already applied to
one of your PRs, https://github.com/macports/macports-ports/pull/359).

On Trac we could add a keyword, but those keywords are plain text, so
we would need to actually do something with those.

Mojca
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Security Ticket Keyword

mf2k

> On Mar 6, 2017, at 7:55 AM, Mojca Miklavec <[hidden email]> wrote:
>
> On 6 March 2017 at 15:41, Zero King <[hidden email]> wrote:
>> Do we have a way to mark tickets fixing security vulnerabilities?
>
> On GitHub or Trac?
>
> On GitHub I made a label "security fix" (which you already applied to
> one of your PRs, https://github.com/macports/macports-ports/pull/359).
>
> On Trac we could add a keyword, but those keywords are plain text, so
> we would need to actually do something with those.
>
> Mojca

I honestly do not see the point of adding such a keyword [1] for Trac. Pretty much all updates have security fixes these days. Plus I don’t see what it would accomplish.

[1] <https://trac.macports.org/wiki/TicketsKeywordGuidelines>


Cheers!
Frank

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Security Ticket Keyword

Ryan Schmidt-24
In reply to this post by Zero King

On Mar 6, 2017, at 08:41, Zero King wrote:

> Do we have a way to mark tickets fixing security vulnerabilities?

I have no objection to adding a "security" keyword to such Trac tickets. Someone looking through the issue tracker for updates that could be committed might be more likely to pick a ticket to work on if it would resolve a security issue.

Loading...