Dear Geertjan, community,
On QU30. The project provides a well-documented channel to report
security issues, along with a documented way of responding to them.
The: "Website provides a link in the footer to the Apache Security page
<https://www.apache.org/security/>." I guess satisfies the criteria,
though shouldn't have we have an own security page, listing our CVE-s
and how to address them, then a link from there to the Apache Security page?
On 1/31/19 4:57 AM, Geertjan Wielenga wrote:
Hi all,
As part of the process to move us out of the Apache Incubator, we need to
do a self-analysis of our maturity as an Apache project.
I have completed the self-analysis here:
https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+Model+Assessment+for+NetBeans
Comments are welcome and needed!
Feel free to respond in this thread with caveats, thoughts, additions,
comments, insights, etc.
Thanks,
Gj
