Skip to content

Update SECURITY.md - Bring it up to par with the one in server #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nickvergessen merged 3 commits into from
Oct 26, 2023
Merged

Update SECURITY.md - Bring it up to par with the one in server #241

nickvergessen merged 3 commits into from
Oct 26, 2023

Conversation

@joshtrichards
Copy link
Member

@joshtrichards joshtrichards commented Oct 23, 2023

Offshoot of nextcloud/server#40966.

One caveat: I think the line added in 6c45691 in the existing Security Policy was probably trying to accommodate maybe either some of the "hosted" but still fairly independent sub-projects and/or maybe a way to accommodate reports about third-party maintained apps.

a) Is my guess accurate?
b) Should we try to accommodate that still?
c) If so, maybe we can find a clearer way to state that?

If a/b/c === true then we can add it to this PR before it gets merged if deemed appropriate.

@joshtrichards joshtrichards added 3. to review Waiting for reviews security Security issues labels Oct 23, 2023
@nickvergessen
Copy link
Member

nickvergessen commented Oct 23, 2023

yeah, the sentence or meaning of it should be kept. Too many repos in the nextcloud org are not "maintained" by us and we don't have the resources, but the files from this repo will be used for new repos and when it's missing I think

@joshtrichards
Copy link
Member Author

joshtrichards commented Oct 24, 2023

Alright I attempted to add some updated language for that too. Let me know!

@nickvergessen
Reformulate community section
4dc7d45 
Signed-off-by: Joas Schilling <[email protected]>
nickvergessen
nickvergessen approved these changes Oct 26, 2023
View reviewed changes
Copy link
Member

@nickvergessen nickvergessen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed the "other apps" sentence a bit and removed trailing spaces

@nickvergessen nickvergessen merged commit 62aa1a1 into master Oct 26, 2023
@nickvergessen nickvergessen deleted the jr-security-policy-update branch October 26, 2023 06:11
joshtrichards added a commit to nextcloud/server that referenced this pull request Oct 26, 2023
@joshtrichards
Add community/third-party apps note to security policy
e86ba2b 
Just making it match the new global one in nextcloud/.github#241

Signed-off-by: Josh Richards <[email protected]>
@joshtrichards joshtrichards mentioned this pull request Oct 26, 2023
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nickvergessen nickvergessen nickvergessen approved these changes

@szaimen szaimen Awaiting requested review from szaimen

Assignees

No one assigned

Labels

3. to review Waiting for reviews security Security issues

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@joshtrichards @nickvergessen