Re: [eclipse.org-architecture-council] [EXTERNAL] Re: Security policy fo

["Billings, Jay Jay" <billingsjj@xxxxxxxx>]

+1

Jay Jay Billings

Group Leader, Scientific Computing and Software Engineering, Neutron Scattering Division, and

Acting Group Leader, Research Software Engineering, Computer Science and Mathematics Division
Oak Ridge National Laboratory
Twitter Handle: @jayjaybillings

---

From: eclipse.org-architecture-council-bounces@xxxxxxxxxxx <eclipse.org-architecture-council-bounces@xxxxxxxxxxx> on behalf of Torkild U. Resheim <torkildr@xxxxxxxxx>
Sent: Monday, June 17, 2019 3:27 PM
To: eclipse.org-architecture-council
Subject: [EXTERNAL] Re: [eclipse.org-architecture-council] Security policy for GitHub projects

 

+1 good idea!

Hilsen Torkild

17. jun. 2019 kl. 15:23 skrev Wayne Beaton <wayne.beaton@xxxxxxxxxxxxxxxxxxxxxx>:

+1

On Mon, Jun 17, 2019 at 7:57 AM Jens Reimann <jreimann@xxxxxxxxxx> wrote:

Hi everyone,

I just noticed that GitHub now has some kind of "security policy tool", which also allows you to write security advisories. [1]

It looks like the first step you can take, is to provide a simple "SECURITY.md" file, which explains your policy in the repository.

I think it makes sense, to provide a template for Eclipse projects, which redirects users to https://eclipse.org/security, and make it mandatory for Eclipse projects on GitHub to have such a file. The same way we have a "CONTRIBUTING.md" file.

What do you think?

Cheers

Jens

[1] https://help.github.com/en/articles/adding-a-security-policy-to-your-repository

--

Jens Reimann
Principal Software Engineer / EMEA ENG Middleware
Werner-von-Siemens-Ring 14
85630 Grasbrunn
Germany
phone: +49 89 2050 71286
_____________________________________________________________________________

Red Hat GmbH, www.de.redhat.com,
Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Paul Argiry, Charles Cachera, Tom Savage, Michael O'Neill

_______________________________________________
eclipse.org-architecture-council mailing list
eclipse.org-architecture-council@xxxxxxxxxxx
https://www.eclipse.org/mailman/listinfo/eclipse.org-architecture-council

IMPORTANT: Membership in this list is generated by processes internal to the Eclipse Foundation.  To be permanently removed from this list, you must contact emo@xxxxxxxxxxx to request removal.

--

Wayne Beaton

Director of Open Source Projects | Eclipse Foundation, Inc.

_______________________________________________
eclipse.org-architecture-council mailing list
eclipse.org-architecture-council@xxxxxxxxxxx
https://www.eclipse.org/mailman/listinfo/eclipse.org-architecture-council

IMPORTANT: Membership in this list is generated by processes internal to the Eclipse Foundation.  To be permanently removed from this list, you must contact emo@xxxxxxxxxxx to request removal.