It would be a good idea to audit various Drupal.org systems for security. Apart from auditing authentication and authorization on various parts (drupal permissions, jobs, repositories) there's custom code used to operate Drupal.org and/or subsites.
My company is willing to do the code security audit on custom modules and theme(s).
To do so, I require an authorative list of locations where I can access such code. (I know about http://drupal.org/project/drupalorg_testing, but I do not know if this is sufficient.)
Closed: outdated
Other
It makes Drupal less vulnerable to abuse or misuse. Note, this is the preferred tag, though the Security tag has a large body of issues tagged to it. Do NOT publicly disclose security vulnerabilities; contact the security team instead. Anyone (whether security team or not) can apply this tag to security improvements that do not directly present a vulnerability e.g. hardening an API to add filtering to reduce a common mistake in contributed modules.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Changing tag as this is not about a real security issue.
Pretty safe to guess Heineโs companyโs offer from 12 years ago is no longer relevant.
Thanks,
-Derek