[incubator-openwhisk] branch master updated: Enable soft delete mode for documents in CosmosDB (#4339)
This is an automated email from the ASF dual-hosted git repository. tysonnorris pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk.git The following commit(s) were added to refs/heads/master by this push: new e7253ac Enable soft delete mode for documents in CosmosDB (#4339) e7253ac is described below commit e7253ac5bac519df289321a22c5ee923bb96c1f7 Author: Chetan Mehrotra AuthorDate: Fri Mar 22 10:25:27 2019 +0530 Enable soft delete mode for documents in CosmosDB (#4339) * Enable soft deletion of documents in CosmosDB --- common/scala/src/main/resources/application.conf | 5 + .../database/cosmosdb/CosmosDBArtifactStore.scala | 163 ++--- .../core/database/cosmosdb/CosmosDBConfig.scala| 3 +- .../core/database/cosmosdb/CosmosDBUtil.scala | 41 ++ .../database/cosmosdb/CosmosDBViewMapper.scala | 17 ++- .../cosmosdb/CosmosDBSoftDeleteTests.scala | 43 ++ .../cosmosdb/CosmosDBStoreBehaviorBase.scala | 4 +- .../test/behavior/ArtifactStoreCRUDBehaviors.scala | 38 - .../behavior/ArtifactStoreQueryBehaviors.scala | 18 +++ 9 files changed, 272 insertions(+), 60 deletions(-) diff --git a/common/scala/src/main/resources/application.conf b/common/scala/src/main/resources/application.conf index 435dc94..c176478 100644 --- a/common/scala/src/main/resources/application.conf +++ b/common/scala/src/main/resources/application.conf @@ -201,6 +201,11 @@ whisk { # Specifies the current clusterId whose value is recorded with document upon any update # to indicate which cluster made the change. By default no such value is recorded # cluster-id= + +# Enables soft delete mode where by the document would not be actually deleted. Instead +# it would be marked deleted by setting `_deleted` property to true and then actual delete +# happens via TTL. +# soft-delete-ttl = 10 h connection-policy { max-pool-size = 1000 # When the value of this property is true, the SDK will direct write operations to diff --git a/common/scala/src/main/scala/org/apache/openwhisk/core/database/cosmosdb/CosmosDBArtifactStore.scala b/common/scala/src/main/scala/org/apache/openwhisk/core/database/cosmosdb/CosmosDBArtifactStore.scala index d7bdee1..c833ae6 100644 --- a/common/scala/src/main/scala/org/apache/openwhisk/core/database/cosmosdb/CosmosDBArtifactStore.scala +++ b/common/scala/src/main/scala/org/apache/openwhisk/core/database/cosmosdb/CosmosDBArtifactStore.scala @@ -24,6 +24,7 @@ import akka.stream.ActorMaterializer import akka.stream.scaladsl.{Sink, Source} import akka.util.ByteString import com.microsoft.azure.cosmosdb._ +import com.microsoft.azure.cosmosdb.internal.Constants.Properties import com.microsoft.azure.cosmosdb.rx.AsyncDocumentClient import kamon.metric.MeasurementUnit import org.apache.openwhisk.common.{LogMarkerToken, Logging, LoggingMarkers, MetricEmitter, TransactionId} @@ -34,7 +35,7 @@ import org.apache.openwhisk.core.database.cosmosdb.CosmosDBConstants._ import org.apache.openwhisk.core.entity.Attachments.Attached import org.apache.openwhisk.core.entity._ import org.apache.openwhisk.http.Messages -import spray.json.{DefaultJsonProtocol, JsObject, JsString, JsValue, RootJsonFormat, _} +import spray.json._ import scala.collection.JavaConverters._ import scala.concurrent.{ExecutionContext, Future} @@ -64,14 +65,12 @@ class CosmosDBArtifactStore[DocumentAbstraction <: DocumentSerializer](protected protected val client: AsyncDocumentClient = clientRef.get.client private[cosmosdb] val (database, collection) = initialize() - private val _id = "_id" - private val _rev = "_rev" - private val putToken = createToken("put", read = false) private val delToken = createToken("del", read = false) private val getToken = createToken("get") private val queryToken = createToken("query") private val countToken = createToken("count") + private val softDeleteTTL = config.softDeleteTTL.map(_.toSeconds.toInt) private val clusterIdValue = config.clusterId.map(JsString(_)) @@ -79,7 +78,7 @@ class CosmosDBArtifactStore[DocumentAbstraction <: DocumentSerializer](protected this, s"Initializing CosmosDBArtifactStore for collection [$collName]. Service endpoint [${client.getServiceEndpoint}], " + s"Read endpoint [${client.getReadEndpoint}], Write endpoint [${client.getWriteEndpoint}], Connection Policy [${client.getConnectionPolicy}], " + - s"Time to live [${collection.getDefaultTimeToLive} secs, clusterId [${config.clusterId}]") + s"Time to live [${collection.getDefaultTimeToLive} secs, clusterId [${config.clusterId}], soft delete TTL [${config.softDeleteTTL}]") //Clone the returned instance as these are mutable def documentCollection(): DocumentCollection = new DocumentCollection(collection.toJson) @@
svn commit: r33124 - /dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/
Author: houshengbo Date: Fri Mar 22 00:35:19 2019 New Revision: 33124 Log: Create the directory for 2.0.0-incubating-rc2 in staging. Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/
svn commit: r33125 - /dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/
Author: houshengbo Date: Fri Mar 22 00:35:23 2019 New Revision: 33125 Log: Staging Apache OpenWhisk release 2.0.0-incubating-rc2. Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz (with props) dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.asc dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.sha512 dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz (with props) dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz.asc dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz.sha512 dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-kafka-2.0.0-incubating-sources.tar.gz (with props) dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-kafka-2.0.0-incubating-sources.tar.gz.asc dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-kafka-2.0.0-incubating-sources.tar.gz.sha512 Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz == Binary file - no diff available. Propchange: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz -- svn:mime-type = application/octet-stream Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.asc == --- dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.asc (added) +++ dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.asc Fri Mar 22 00:35:23 2019 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Version: GnuPG v1 + +iQIcBAABAgAGBQJclC3IAAoJEHKvDMIsTPMgJCsQAJV0zXHdrqOWWhSYOlJvfezw +b5FtJKmXRIMSC86lIS/kDNjBBfTNG8dRFf4QTbFfm9f98dWPUBJFvIrhEu+m/RPv +k2umx81yL0VE2MfeKwRhSZbjpcGig3rS3/mLEetsfbIjpflPFG6fLnE9LCrrYsqs +66ENOGsUKqH/Gz5tbxN4crJwuNDNuoOWQUfmohTBlJ3CCYBcN3GdBGu2iItZDQKF +5a2ElxLhSw1N2je00oxYoXC4whsNhO1rzEvJFUONRMNWquUQUNzYfw1wHYK1Osfd +0io88xTTVWAkglDy8spXb3+Wyz35kZgfs+9+jAVLuQpNb6cG2ObrKeKmR9+sdTvx +d8xkXTWkz2D1IxkpYgGTvdQTyT7u5s4SRozmK5KoZqpi/at5zkLvZ5nbgT+Vqb7w +ctLvUBoO6iJUyKrNLdf0Xrdboc8lzkoGz7m5ReCcSJdzXlfrJlr/yAW3q03f0i7D +oMInSXWLYKQEAmVOB32ix5APn4nKqH7lxRNpNwTG5gcoJYrfPMLcfze6uTzI4ygn +VY3EUmQJ/3UsoBeGUpWZ/9bcQi4DzAzWLpIjh82ckLR237qe/MTuFlZ6JK40Yhw7 +d4074Cu7/sW1p3R9FvyGpvp4WgJ0qt/JxRtUX0GLuzcZWBjDO+lajPHZP4Io+41f +IXNW9V92cvUJx6qzxhOj +=4eoT +-END PGP SIGNATURE- Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.sha512 == --- dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.sha512 (added) +++ dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz.sha512 Fri Mar 22 00:35:23 2019 @@ -0,0 +1,3 @@ +openwhisk-package-alarms-2.0.0-incubating-sources.tar.gz: +9C158D76 B5D9A53A AC10AC42 4CD5060C 7A6467D5 E9624519 117E9C8C AB171590 CCC3505D + 5C7E630D C41769B4 44F85F03 BBA40A6A E04D2264 79FFA78B B3C5BFB8 Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz == Binary file - no diff available. Propchange: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz -- svn:mime-type = application/octet-stream Added: dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz.asc == --- dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz.asc (added) +++ dev/incubator/openwhisk/apache-openwhisk-2.0.0-incubating-rc2/openwhisk-package-cloudant-2.0.0-incubating-sources.tar.gz.asc Fri Mar 22 00:35:23 2019 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Version: GnuPG
[incubator-openwhisk-release] branch master updated: Update the credentials to access the Apache SVN repository (#253)
This is an automated email from the ASF dual-hosted git repository. houshengbo pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-release.git The following commit(s) were added to refs/heads/master by this push: new 16943a3 Update the credentials to access the Apache SVN repository (#253) 16943a3 is described below commit 16943a3e466fd4d7d6157561876f5bac86506b10 Author: Vincent AuthorDate: Thu Mar 21 20:33:55 2019 -0400 Update the credentials to access the Apache SVN repository (#253) --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index a7ee12e..f71348c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -19,8 +19,8 @@ sudo: required env: global: - - secure: S4eRZSGj/pfsicg50UXrTmwRurzgUrd0idQH5nKvc+O+lwAYv3SIhbsufUHseQEUSfoO0jFCyoCbWDtFMdsW3t2eGPdciViek/LaocxxG2Br539VDVXhS+NAwqiRGbCqKHCe2aNqIdo8vCvUaj/BfFJNUK4Fhpw6iBix0pvlnRkYBX7hHphU88N69gmnMOo1oZwEwaobaQeXOc/8OwH2aPD8lCmNk41IvvLFAwIhXrP4Thb+xBh4+oSlqcJyDCUouIfYFd4B1pHQehAVu0kBoUiKZHfKUyT+Q/V8hzBR3nJ/IzzSLNOYcTTYXBbL5x/SKe/LiBio4yLdPuRMTZl/xKarhShHJg3JKRvfushaMJDKJfLrbcCPUDnSCK1v0D4zZc0DceOBawhipSPkam3kNER/ImZcpTj79u/VKBrlwbVwjKTyZ4d/4/N2cP4jyvjmwW6fM4N3kM/V+S+EoGR5EiFTKAiPBzKa [...] - - secure: zqevjGa1iX3I6ZM1upNvNhEVBRq5sYpfK1pAzj6t7nTyCNvZoftTeMtDpP6eo6xAo+PatycEubwZ/pwac3V142AAgYrLXwqlojWWMQmx11BoTa3n1uJTtQyBr/5qjOLYs8VE5eDFKcXvXLQ5IDtLSZiYFGxmWQGInUNQlBaP9MQIRb2w+UgZBrp+1jRuaFs9I0+eLz3XLsyp9DeUa70lm49QiniKEktJdcUEQpQR0906k9DaRsvA3BIVsLtBwmUSg5+v8tsy13yKsPZgWNYfAjLU2DZHUQBQVj22FeSTMGOiCFSdRejhhFu9HpR7eJGoKMQGRzdTDLWZechVcVim849eVBjS6VfNBLAHOlyxIxy1Qf530610BYW2bBcaU3PhDjIcW8B+Z7EFZmYdpJRaT4CT7metLKTszy6W/splqG+3XP2XH4KmN8YPSikNiPagGP4beFIHxmCcNopHtJGhD4R8w6xqCKvN [...] + - secure: Ewi5JFoq6fr4MxGNdhF075gs0hGwvUws6PdfuRz4Xx+vQSGIsStBcaUrK+oiOxiJ1Z6LY7i6A916PTg+fmzyLgkE+FAOCVcNxtCEoyYXPV7JqGwHYGSBOVDa6Xxz5OEccbmdD7zYFfGKniSfyVhtFYyACRZoTIqvOfiuXHDNSCosXL2PO+8I9UaQek2Y1TG+LNuysz9blkY8ykPQMB7bWBAAfPm+UhRZdkbtXDT9dfRdIQ6IYTKsBmwUEf9UiY64h8nr3pxcLHtwkkZMmDfIPk56BN+vt8dFfO6JrbodqwiTwvbhPkD0S6XFAebNthbgY7dtN+9Lje5F0pgO0PBc+bjNMljappjuOl2/xb/ZxeowFnmR1h7tCZ41UDFMqMY+BEBd+wIjuGjC5OylftiA5kiKBDPUBS5AV9JlN6DMeJySbACprHXpAN0rjJLxEiZXxris1mRfZO+4UMBMGRFbG017WpueSNOn [...] + - secure: jFn9V/gAyihATBMxGSIyYLo+DfVYGz1xflEB5e7MeRr7uSkB1off39U6B5WpxgCNqmE24gmBsATVmghCYmvxnFxwfD5Q3McTtcj8zX5yVfBQ0FlrXnaZ/dHlzpygRNmk0EK+IRsuCExabZ4SnJ8PvLp4YV4ni9U+8CNjE/df5GIAIoqck/UsvO5zPGiqI/Ppi2ElpyTnhhGpAq+1eWmz/MsI21tZJZF8/E0CV9nmAQTq8TrHDuPcIagE0gx7+1FUrEGhY8LckXoYzWm/1nG+r7hDi3qYe+p0vlB8tiek+33nYWk/QW03QQ/9dXc054aUedXxNMDt5kGxlfy/ef+U53wsvs4KMS582KKqweIIx1RRYApwkpooqSziPdLRcxSQOMpP8hRI7yS7wJzXtJ7X7gp/DevaFeCDPQV0OnWjGO4dM8JbTEz86ec131txibiColS4i+//aPmHlUXa6OTuchxZOgMCBFz5 [...] notifications: email: false
[incubator-openwhisk-release] branch master updated: Remove the docker and deprecated version of Travis (#252)
This is an automated email from the ASF dual-hosted git repository. houshengbo pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-release.git The following commit(s) were added to refs/heads/master by this push: new 5be8dd5 Remove the docker and deprecated version of Travis (#252) 5be8dd5 is described below commit 5be8dd558437adfd74f855bddb949a7535cb9b5a Author: Vincent AuthorDate: Thu Mar 21 20:18:53 2019 -0400 Remove the docker and deprecated version of Travis (#252) --- .travis.yml | 9 - tools/verify_source_code.sh | 3 ++- 2 files changed, 2 insertions(+), 10 deletions(-) diff --git a/.travis.yml b/.travis.yml index 2d6f6c2..a7ee12e 100644 --- a/.travis.yml +++ b/.travis.yml @@ -17,11 +17,6 @@ sudo: required -group: deprecated-2017Q3 - -services: - - docker - env: global: - secure: S4eRZSGj/pfsicg50UXrTmwRurzgUrd0idQH5nKvc+O+lwAYv3SIhbsufUHseQEUSfoO0jFCyoCbWDtFMdsW3t2eGPdciViek/LaocxxG2Br539VDVXhS+NAwqiRGbCqKHCe2aNqIdo8vCvUaj/BfFJNUK4Fhpw6iBix0pvlnRkYBX7hHphU88N69gmnMOo1oZwEwaobaQeXOc/8OwH2aPD8lCmNk41IvvLFAwIhXrP4Thb+xBh4+oSlqcJyDCUouIfYFd4B1pHQehAVu0kBoUiKZHfKUyT+Q/V8hzBR3nJ/IzzSLNOYcTTYXBbL5x/SKe/LiBio4yLdPuRMTZl/xKarhShHJg3JKRvfushaMJDKJfLrbcCPUDnSCK1v0D4zZc0DceOBawhipSPkam3kNER/ImZcpTj79u/VKBrlwbVwjKTyZ4d/4/N2cP4jyvjmwW6fM4N3kM/V+S+EoGR5EiFTKAiPBzKa [...] @@ -36,10 +31,6 @@ notifications: jobs: include: -#- stage: verify source code -# script: ./tools/travis/verify_source_code.sh -#- stage: deploy -# script: ./tools/travis/setup.sh - stage: package script: ./tools/travis/package_project.sh $SVN_USERNAME $SVN_PASSWORD diff --git a/tools/verify_source_code.sh b/tools/verify_source_code.sh index 059c980..9c7a880 100755 --- a/tools/verify_source_code.sh +++ b/tools/verify_source_code.sh @@ -25,7 +25,8 @@ PARENTDIR="$(dirname "$SCRIPTDIR")" # run Apache rat to check headers cd $OPENWHISK_SOURCE_DIR cp $SCRIPTDIR/lib/pom.xml ./ -mvn clean apache-rat:check +# Comment out the rat check, since it has been applied in the release process +# mvn clean apache-rat:check echo "Check the existence of LICENSE and NOTICE."
svn commit: r33120 - /dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test
Author: houshengbo Date: Thu Mar 21 21:24:15 2019 New Revision: 33120 Log: Add test file Added: dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test Added: dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test == --- dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test (added) +++ dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test Thu Mar 21 21:24:15 2019 @@ -0,0 +1 @@ +hjh
svn commit: r33119 - /dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test
Author: houshengbo Date: Thu Mar 21 21:22:40 2019 New Revision: 33119 Log: Remove test file Removed: dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test
svn commit: r33118 - /dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test
Author: houshengbo Date: Thu Mar 21 21:21:33 2019 New Revision: 33118 Log: Add test file Added: dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test Added: dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test == --- dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test (added) +++ dev/incubator/openwhisk/apache-openwhisk-0.9.0-incubating-rc2/test Thu Mar 21 21:21:33 2019 @@ -0,0 +1 @@ +dsd
[incubator-openwhisk-website] branch asf-site updated: Automatic Site Publish by Jenkins
This is an automated email from the ASF dual-hosted git repository. git-site-role pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-website.git The following commit(s) were added to refs/heads/asf-site by this push: new b237547 Automatic Site Publish by Jenkins b237547 is described below commit b2375470502d7751da785275889f2330eb0730af Author: jenkins AuthorDate: Thu Mar 21 16:49:11 2019 + Automatic Site Publish by Jenkins --- feed.xml | 2 +- security.html | 12 2 files changed, 5 insertions(+), 9 deletions(-) diff --git a/feed.xml b/feed.xml index 94d3dac..1752f0a 100644 --- a/feed.xml +++ b/feed.xml @@ -1,2 +1,2 @@ -http://www.w3.org/2005/Atom; >https://jekyllrb.com/; version="3.3.0">Jekyll2019-03-19T18:32:41+00:00/feed.xmlApache OpenWhisk is a serverless, open source cloud platformAn open source platform for serverless, event-driven code at any [...] +http://www.w3.org/2005/Atom; >https://jekyllrb.com/; version="3.3.0">Jekyll2019-03-21T16:49:06+00:00/feed.xmlApache OpenWhisk is a serverless, open source cloud platformAn open source platform for serverless, event-driven code at any [...] \ No newline at end of file diff --git a/security.html b/security.html index 531f768..c7b3ecf 100644 --- a/security.html +++ b/security.html @@ -227,17 +227,13 @@ function addListenersToSections() Report a security vulnerability - It is strongly encouraged that security vulnerabilities be reported to our private mailing list first, rather than disclosing them in a public forum. The private security mailing address is: mailto:priv...@openwhisk.apache.org;>priv...@openwhisk.apache.org - Please note that this mailing list should only be used for reporting undisclosed security vulnerabilities for Apache OpenWhisk code or dependent libraries, runtimes and tooling. We do not accept regular bug reports or other queries at this address. - The OpenWhisk project management committee upon receiving the report will follow the Apache https://www.apache.org/security/committers.html#vulnerability-handling;>Vulnerability handling process as documented. - +We encourage following the Apache http://www.apache.org/security/#reporting-a-vulnerability;>Vulnerability Reporting process for reporting suspected security vulnerabilities rather than disclosing them in a public forum. +In short, the person discovering the issue, the reporter, should notify the Apache Security team with details of the suspected vulnerability by sending an email to mailto:secur...@apache.org;>secur...@apache.org. +The Apache security team will notify the Apache OpenWhisk Project Management Committee (PMC) and work with them and the submitter to address the issue as described by the Apache https://www.apache.org/security/committers.html#vulnerability-handling;>Vulnerability Handling process. +Please note that this mailing list should only be used for reporting undisclosed security vulnerabilities for Apache OpenWhisk code or dependent libraries, runtimes and tooling. Bug reporting should be done by opening a GitHib Issue within the corresponding project repository where a bug is suspected. - -Note: The Apache OpenWhisk community works in accordance with documented Apache security processes documented here: http://www.apache.org/security/;>Reporting a vulnerability - -
[incubator-openwhisk-website] branch master updated: Alter prose and email to directyl leverage Apache reporting process. (#364)
This is an automated email from the ASF dual-hosted git repository. pdesai pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-website.git The following commit(s) were added to refs/heads/master by this push: new 515b546 Alter prose and email to directyl leverage Apache reporting process. (#364) 515b546 is described below commit 515b54660af155e42289d708a5ccef4dc7db2827 Author: Matt Rutkowski AuthorDate: Thu Mar 21 11:47:04 2019 -0500 Alter prose and email to directyl leverage Apache reporting process. (#364) --- _layouts/security.html | 12 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/_layouts/security.html b/_layouts/security.html index 2bf6259..fd27298 100644 --- a/_layouts/security.html +++ b/_layouts/security.html @@ -32,17 +32,13 @@ layout: default Report a security vulnerability - It is strongly encouraged that security vulnerabilities be reported to our private mailing list first, rather than disclosing them in a public forum. The private security mailing address is: mailto:priv...@openwhisk.apache.org;>priv...@openwhisk.apache.org - Please note that this mailing list should only be used for reporting undisclosed security vulnerabilities for Apache OpenWhisk code or dependent libraries, runtimes and tooling. We do not accept regular bug reports or other queries at this address. - The OpenWhisk project management committee upon receiving the report will follow the Apache https://www.apache.org/security/committers.html#vulnerability-handling;>Vulnerability handling process as documented. - +We encourage following the Apache http://www.apache.org/security/#reporting-a-vulnerability;>Vulnerability Reporting process for reporting suspected security vulnerabilities rather than disclosing them in a public forum. +In short, the person discovering the issue, the reporter, should notify the Apache Security team with details of the suspected vulnerability by sending an email to mailto:secur...@apache.org;>secur...@apache.org. +The Apache security team will notify the Apache OpenWhisk Project Management Committee (PMC) and work with them and the submitter to address the issue as described by the Apache https://www.apache.org/security/committers.html#vulnerability-handling;>Vulnerability Handling process. +Please note that this mailing list should only be used for reporting undisclosed security vulnerabilities for Apache OpenWhisk code or dependent libraries, runtimes and tooling. Bug reporting should be done by opening a GitHib Issue within the corresponding project repository where a bug is suspected. - -Note: The Apache OpenWhisk community works in accordance with documented Apache security processes documented here: http://www.apache.org/security/;>Reporting a vulnerability - -