Thanks for the PR reviews. The developer guide is now updated: https://docs.geoserver.org/latest/en/developer/policies/security.html
I expect we will refine this over time as we learn from experience. I am not sure about anyone else, but I have been getting a number of private emails sent to me (redirected to geoserver-users or commercial support page as appropriate). So I believe that use of CVE as an experiment is working - it is reaching a wider audience then our release announcements and emails. -- Jody Garnett On Jul 3, 2024 at 8:53:59 PM, Jody Garnett <jody.garn...@gmail.com> wrote: > Following up on an action item: > > - action: Add something to our developers guide for geoserver-security > list (in addition to SECURITY.md note) > > > I have adapted the text of GISP-220 (which was quite complete given the > feedback) into a PR for the developers guide: > > - [GEOS-11455] Update developers guide with GSIP-220 security policy > <https://github.com/geoserver/geoserver/pull/7759> > > > It had been a while since I looked at the developer guide, I noticed some > headings were incorrect and gathered up the release instructions: > > - Gather up release docs > <https://github.com/geoserver/geoserver/pull/7758> > - fix cite test instructions headings for table of contents > <https://github.com/geoserver/geoserver/pull/7757> > >
_______________________________________________ Geoserver-devel mailing list Geoserver-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/geoserver-devel