I'd suggest another label for security review complete but needs fixes. There's currently 12 PRs showing as blocked by needing security review (1 or 2 of these may need a fix and a label could make that clearer) https://github.com/jenkinsci/jenkins/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+label%3Aneeds-security-review
Cheers Tim On Wed, 22 Jun 2022 at 20:31, '[email protected]' via Jenkins Developers <[email protected]> wrote: > The team got "triage" permission, so that they can add the newly created > label "security-approved", so that it's easier to understand when it's good > to go. That will also "solve" Daniel's concern about regular review ;-) > > On Wednesday, June 22, 2022 at 9:30:47 PM UTC+2 [email protected] wrote: > >> On Wed, Jun 22, 2022 at 9:26 PM '[email protected]' via Jenkins >> Developers <[email protected]> wrote: >> >>> Great idea Alex => *@jenkinsci/core-security-review* created >>> >>> Thanks for the feedback and yes Tim, I will allocate more people to >>> those reviews, compared to the hosting requests that were mainly >>> out-of-order stuff we are doing. >>> >> >> I would like to retain the ability to review core PRs without those >> reviews automatically counting towards security review, so please be >> mindful in the handling of this reviewer group. (In particular, me >> requesting changes for other reasons should not carry the same weight as >> rejecting a PR for security reasons.) >> > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/jenkinsci-dev/cdc1485d-e683-4033-aff5-3b1410e10481n%40googlegroups.com > <https://groups.google.com/d/msgid/jenkinsci-dev/cdc1485d-e683-4033-aff5-3b1410e10481n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAH-3Bifqo9SnxNRVidFxoh-%3DhFMGwtMPVPeqdwMw9PXHts1w_Q%40mail.gmail.com.
