+1, labels indeed help to make it more clear what still needs to be done. We could add something like "needs-security-fix" next to the "needs-fix" label.
On Thursday, 30 June 2022 at 12:37:18 UTC+2 [email protected] wrote: > I'd suggest another label for security review complete but needs fixes. > > There's currently 12 PRs showing as blocked by needing security review (1 > or 2 of these may need a fix and a label could make that clearer) > > https://github.com/jenkinsci/jenkins/pulls?q=is%3Apr+is%3Aopen+sort%3Aupdated-desc+label%3Aneeds-security-review > > Cheers > Tim > > On Wed, 22 Jun 2022 at 20:31, '[email protected]' via Jenkins > Developers <[email protected]> wrote: > >> The team got "triage" permission, so that they can add the newly created >> label "security-approved", so that it's easier to understand when it's good >> to go. That will also "solve" Daniel's concern about regular review ;-) >> >> On Wednesday, June 22, 2022 at 9:30:47 PM UTC+2 [email protected] >> wrote: >> >>> On Wed, Jun 22, 2022 at 9:26 PM '[email protected]' via Jenkins >>> Developers <[email protected]> wrote: >>> >>>> Great idea Alex => *@jenkinsci/core-security-review* created >>>> >>>> Thanks for the feedback and yes Tim, I will allocate more people to >>>> those reviews, compared to the hosting requests that were mainly >>>> out-of-order stuff we are doing. >>>> >>> >>> I would like to retain the ability to review core PRs without those >>> reviews automatically counting towards security review, so please be >>> mindful in the handling of this reviewer group. (In particular, me >>> requesting changes for other reasons should not carry the same weight as >>> rejecting a PR for security reasons.) >>> >> -- >> > You received this message because you are subscribed to the Google Groups >> "Jenkins Developers" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> > To view this discussion on the web visit >> https://groups.google.com/d/msgid/jenkinsci-dev/cdc1485d-e683-4033-aff5-3b1410e10481n%40googlegroups.com >> >> <https://groups.google.com/d/msgid/jenkinsci-dev/cdc1485d-e683-4033-aff5-3b1410e10481n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/f213dcb6-411a-4339-86f9-954cbdb21c5cn%40googlegroups.com.
