- Issue created by @ankit_k
- 🇮🇳India vishal.kadam Mumbai
For these applications, we need a project where, in at least the branch used for the application, most of the commits (if not all the commits) have been done from the user who applies.
The purpose of these applications is reviewing a project to understand what the person who applies understands about writing secure code that follows the Drupal coding standards and correctly uses the Drupal API, not what all the project maintainers collectively understand about those points.
This application can only continue with a project (and a branch) where all the commits (or the majority of the commits) have been done by you.
- 🇮🇹Italy apaderno Brescia, 🇮🇹
All the commits have been done by whitedevil, who eventually should be the person who applies using that project.
Just as a reminder: These applications are not done for a project; they are done for a person, to whom will be given a new drupal.org role which allows that person to opt projects into security advisory policy. That is not a role we give to every maintainer, but only to the person who created the application, who must be the person who done the commits in the project used for the application.
- 🇮🇳India ankit_k
Thank you, Vishal and avpaderno for the information I didn't know about this.
I thought the Maintainer can also add the project to the Security Advisory List.
Apologies from my side. I will ask the whitedevil to add project in Security Advisory List