- Issue created by @greggles
- 🇺🇸United States greggles Denver, Colorado, USA
I worked on
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →Also noted some in the issue summary that I think should be deleted as they are no longer relevant.
- 🇺🇸United States greggles Denver, Colorado, USA
Updating credit for this work.
- 🇺🇸United States greggles Denver, Colorado, USA
I cleaned up these:
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... →
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... → - this one required removing a section that was an outdated concept about using the security update tag on non-stable releases.
https://www.drupal.org/drupal-security-team/security-team-procedures/sec... → - Status changed to Fixed
over 1 year ago 2:26pm 1 March 2024 - 🇺🇸United States greggles Denver, Colorado, USA
OK, this is now done. I've reviewed and made a pass at improving all the templates for current processes and standards (e.g. https and www on urls). I deleted 3 pages that seemed unlikely to be used and were therefore making it harder to find the message people do want.
Here's the content of the 3 I deleted so we can restore if someone wants them:
1750922 Title: Follow-up with maintainer about plan for module releases
Subject: [Drupal Security] Upcoming release for your module
Dear {name},
We have reviewed the patches for the module and everything is in place to release on this coming Wednesday {specific date}. The security team meeting starts Wednesday at noon (Eastern time USA). You must commit the fixes and create new release(s) of your module no later than Wednesday at noon. You must include 'Security update' when selecting the release type. In order to make the coordination easier, you may commit the fix and make the releases up to 24 hours in advance - in other words, any time after noon (Eastern time USA) on Tuesday. As soon as you make the releases, please update this issue with the URL's to the releases.
If you have not done so already, please create a draft SA at httpS://security.drupal.org/node/add/advisory . You can base this text on an existing SA from http://drupal.org/security/contrib
Sincerely,
1750880 title: Reply to request for Drupal.org maintenance
The security team deals with security issues in the Drupal code itself. The management of the Drupal.org website is not handled by the security team, but rather by the Drupal.org site moderators team. You can let them know what you need done by creating a new issue at the following URL: http://drupal.org/node/add/project-issue/site_moderators.
1750930 title: Reply to request for new service
Hello,
Thanks for your help to make other Drupal sites secure and for your suggestion.
The Drupal Security Team focuses its limited volunteer time on handling issues in Drupal core and contributed code hosted on drupal.org. We appreciate your idea but do not have the resources to make it a priority relative to our other tasks.
[Any issue specific notes like suggesting the Security Review module http://drupal.org/project/security_review]
You are welcome to move forward with this idea if you have the time.
Regards,
[Your name] on behalf of the Drupal Security Team Automatically closed - issue fixed for 2 weeks with no activity.