My bad. I looked at https://reporter.apache.org/wizard/statistics?submarine (committer only) and it shows only one mailing list.
https://www.apache.org/security/ https://www.apache.org/security/committers.html For security reports, a reporter may use secur...@apache.org. It looks to me that a project-specific security mailing list may be set up, but not required. On Mon, Jan 13, 2020 at 5:49 PM Zhankun Tang <zt...@apache.org> wrote: > Hi Wei-Chiu, > > There's dev, user and commit mailing list published here: > http://submarine.apache.org/community/contributors.html > I think we could have the security mailing list. But I'm afraid it might be > less active for a long time. :) > And for the user issue, I guess they will ask the user mailing list or > paste in the github issue page? > > BR, > Zhankun > > On Tue, 14 Jan 2020 at 09:41, Wei-Chiu Chuang <weic...@apache.org> wrote: > > > As of now the Submarine has only one mailing alias: dev at > > submarine.apache.org > > > > All the auto-generated messages from PR/JIRA activities go into this > > mailing list, and it is easy to overlook if someone ask for something in > > the dev @. I propose to create a issues@ mailing alias for these auto > > generated messages. > > > > Is there a secur...@submarine.apache.org for reporting security > > vulnerabilities? I don't see it being advertised so not sure if it exists > > or not. > > > > Additionally, what about a user @ mailing list? > > >
