potiuk opened a new pull request, #224: URL: https://github.com/apache/airflow-steward/pull/224
## Summary Add `tools/vulnogram/release-manager-wrap-up-comment.md` — the template `security-issue-sync` posts AFTER the tracker has been auto-closed at the end of the post-advisory lifecycle close-out. By the time this comment fires, the sync's combined apply has already done all of: - Captured the archive URL from `<users-list>`. - Extracted the public short summary from the advisory email into the *Short public summary for publish* body field. - Flipped labels (`fix released → announced - emails sent + announced`). - Regenerated + re-pushed the CVE JSON. - Moved the Vulnogram record `REVIEW → PUBLIC` via the new `vulnogram-api-record-publish` CLI (#223). - Moved the project board to the `Announced` column. - Closed the tracker as `completed`. The wrap-up comment is the tiny ping to the RM with two residual manual steps: 1. Archive the closed tracker from the `Announced` column. 2. **(Conditional, last-sibling case only)** Close the milestone via the clickable URL the skill substitutes into `MILESTONE_BULLET`. In the more common "other siblings still open" case the bullet resolves to an empty string; the milestone close happens when the *last* sibling tracker reaches the same step. ## Marker + idempotency Marker on line 76: `<!-- apache-steward: release-manager-wrap-up v1 -->`. Sync uses this for idempotency — the tracker is closed by the time this comment posts; re-posting on a re-sync would just be noise. ## Relationship to the rest of the arc - [#222](https://github.com/apache/airflow-steward/pull/222) — convention update. Describes when this comment fires (the `Advisory archived on <users-list>` row of Step 2b). - [#223](https://github.com/apache/airflow-steward/pull/223) — `vulnogram-api-record-publish` CLI. The tool that flips `REVIEW → PUBLIC`, referenced from the template. - **This PR** — the wrap-up template that the post-publish comment uses. - **Follow-up** — SKILL.md Step 4 hookup: the apply-side text that actually composes the placeholders and posts the comment. ## Test plan - [ ] Doc-only template; existing pre-commit (link-check, TOC, markdown-lint, skill-validate) passes. - [ ] Future sync-skill PR will reference this template by path; this PR is a no-op until that lands. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
