Hey Ed, the Apache Fineract website is a github repo you'll find at Apache's github mirror.
Simply fork it, create a new branch, do the needed changes and send a PR. Best wishes, Markus Geiss Chief Architect RɅĐɅЯ, The Mifos Initiative On Jan 24, 2017 15:58, "Ed Cable" <edca...@mifos.org> wrote: > Markus, > > Nazeer is continuing to work on addressing the areas of concern related to > QU10, QU40, and RE50. > > Could you provide me access to the Apache Fineract website to address CO10 > and then for CS10 do we want that on the Apache Fineract website or the > wiki? > > Thanks, > > Ed > > On Tue, Jan 10, 2017 at 5:48 AM, Jim Jagielski <j...@jagunet.com> wrote: > >> Agreed. >> >> > On Jan 6, 2017, at 8:41 PM, Roman Shaposhnik <ro...@shaposhnik.org> >> wrote: >> > >> > On Fri, Jan 6, 2017 at 4:24 PM, Ed Cable <edca...@mifos.org> wrote: >> >> Could our Apache Fineract mentors please provide some guidance on a >> couple >> >> of the areas we need to improve upon: >> >> >> >> QU10 "*The project is open and honest about the quality of its code. >> >> Various levels of quality and maturity for various modules are natural >> and >> >> acceptable as long as they are clearly communicated." -* >> >> >> >> Do you have any other projects you could point to that have strong >> >> transparent measures of quality and maturity clearly available We want >> to >> >> follow best practices and adopt similar to display at >> >> http://fineract.incubator.apache.org >> > >> > Regular deployment of tools like Findbugs is a good indication that you >> take >> > this requirement seriously. >> > >> >> *QU30: The project provides a well-documented channel to report >> security >> >> issues, along with a documented way of responding to them.* >> >> >> >> Currently we just link to: http://www.apache.org/security/ Are we >> able to >> >> do as other projects at http://www.apache.org/security/projects.html >> or is >> >> a private channel not something we can set up till we're out of >> >> incubation. If we can move forwarde, I'd suggest we have a security >> page >> >> on our site, document and fix known vulnerabilities and then provide >> clear >> >> instruction on reporting vulnerabilities to a private channel like >> >> secur...@fineract.incubator..apache.org >> > >> > This is less about security@fineract vs. >> http://www.apache.org/security/ >> > and more about the community being ready for when the first 0 day >> > hits either of those. Being ready is a combination of tribal knowledge, >> > wiki recommendations and a release policy that would allow you to patch >> > at a drop of a hat. >> > >> > Thanks, >> > Roman. >> >> > > > -- > *Ed Cable* > Director of Community Programs, Mifos Initiative > edca...@mifos.org | Skype: edcable | Mobile: +1.484.477.8649 > <(484)%20477-8649> > > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org > <http://facebook.com/mifos> <http://www.twitter.com/mifos> > >
