Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make sure we're on the development mailing lists for our upstreams #473

Open
4 tasks
celskeggs opened this issue Jan 16, 2020 · 0 comments
Open
4 tasks

Make sure we're on the development mailing lists for our upstreams #473

celskeggs opened this issue Jan 16, 2020 · 0 comments
Labels
category operations macro
Milestone
Dev Cluster 9

Comments

@celskeggs
Copy link
Member

#472 is something that we should have known about the moment it was announced. It's fine for now, but it'll matter a lot more when we're in production. We need to make sure we're subscribed to all of the relevant mailing lists -- in this case, [email protected] would have been enough. (We don't qualify for being on their embargoed security list.)

  • Compile a list of all components we depend on
  • Compile mailing lists on which vulnerabilities are announced for the upstream projects
  • Get everyone on the team to subscribe to them
  • Determine a strategy to make sure we continue to get this information into the future, even as our dependencies and team members change
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
category operations macro
Projects
None yet
Milestone
Dev Cluster 9
Development

No branches or pull requests
1 participant
@celskeggs