todogroup / gh-issues

A curated set of issues related to GitHub and running corporate scale open source
http://todogroup.org

Provide downstream notification to forks of security issues/vulnerabilities when they become public #39

Open david-a-wheeler opened 8 years ago

david-a-wheeler commented 8 years ago

Please support downstream notification to forks of security issues/vulnerabilities when they are made public. This could perhaps be done via a specific vulnerability tag like “security”, but really any implementation would be fine.

jeffmcaffer commented 5 years ago

Great one. The new security advisories work may address this, though I'm not sure that forks are informed. @jhutchings1 may know.

jhutchings1 commented 5 years ago

That's not functionality we support in the security advisories beta, but it's very good feedback for us to consider for later. Thanks!