This needs to happen related to #3068539: Add psa.json API endpoint to support automatic updates → and #3045273: Add real endpoint after drupal.org provides a live feed → .
The basics as I understand them is someone with production drush access has a command to run after a highly-critical PSA comes out, and another after the SA comes out and releases are all published & settled. It is an explicit list of nids, so we also should think about clearing out the data after some amount of time, to make room for the next one, and remove any “remember the current nids and persist them yourself” step.
Anyone with root on production, mlhess, all Association engineering staff, and nnewton have access to update this API.
btch1:~$ sudo -u bender -H drush -r /var/www/drupal.org/htdocs -v drupalorg-update-psa-json --test nid,nid
--test will update https://updates.drupal.org/psa-this-is-only-a-test.json. Omit the option to update the production API at https://updates.drupal.org/psa.json
nid,nid is a comma separated list of PSA and SA nids to include information from. Omit the option to clear all PSAs and SAs.
Fixed
1.0
Documentation
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
I think we've documented this and haven't had to use it as far as I remember.
It seems this is likely out of date now. I'm not sure if anything similar is still needed. If so, hoping someone following this can help explain.