search

openssl / general-policies

Mirror of the repository for general policies, governed by the OMC (OpenSSL Management Committee)
13 stars 23 forks source link

Update the security policy to include MODERATE issues in prenotifications #20

Closed iamamoose closed 2 years ago

iamamoose commented 2 years ago

vote to accept this as https://github.com/openssl/general-policies/pull/20/commits/0c4587583bc4ca54e1796e8565aadd8a3a551d9b

paulidale commented 2 years ago

Vote: [+1]

mattcaswell commented 2 years ago

A vote on this is premature. It's not been open for 2 weeks as per the policy change process.

iamamoose commented 2 years ago

A vote on this is premature. It's not been open for 2 weeks as per the policy change process.

good point. will make it ready to vote in 2 weeks.

paulidale commented 2 years ago

I don't think the policy prevents opening the vote early, it just says the PR must be open for two weeks and the ready to vote label is applied after this. It doesn't specify anything about the timing of the vote, just that one must occur.

t-j-h commented 2 years ago

I don't think the policy prevents opening the vote early

I disagree - we don't call for a vote until the two weeks is up - so there is no concept of voting early as such as there isn't a vote until that point. We can always provide indications - but votes have to come after the call for the vote after the two week period has happened.

We need to be consistent on this as the purpose behind the two week period is to enable wider feedback and discussion in case the policy should be altered before getting to a point where we think we have reached a "stable" version good to get a formal vote to make the decision.

paulidale commented 2 years ago

Why did this get closed automatically???

I've restored the branch and reopened.

mattcaswell commented 2 years ago

Why did this get closed automatically???

I've restored the branch and reopened.

The branch has been created in the wrong place, i.e. it has been created directly in the github mirror of the main repo instead of in a personal github fork of the repo. When anyone does a push to the main repo, there is a mirror push to the github copy of the repo. The mirror push will delete any local branches not present in the main repo - and hence this PR will get closed.

This will keep happening every time anyone pushes something to the main repo. @iamamoose - please can you re-create this PR based on a branch in your local fork?

iamamoose commented 2 years ago

replaced by: https://github.com/openssl/general-policies/pull/21