From 186c17e8781e0d3f6d0bd2a793ca190bde39a653 Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Tue, 29 Jun 2021 08:11:44 +0200 Subject: [PATCH 1/2] doc: add cc oss-security@lists.openwall.com This commit adds step to CC oss-security@lists.openwall.com as part of the security release process. Refs: https://github.com/nodejs/TSC/issues/1047 --- doc/guides/security-release-process.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/doc/guides/security-release-process.md b/doc/guides/security-release-process.md index 10465c57501328..a2f6adfb04c87d 100644 --- a/doc/guides/security-release-process.md +++ b/doc/guides/security-release-process.md @@ -38,9 +38,10 @@ information described. * Described in the pre/post announcements * [ ] Pre-release announcement [email][]: ***LINK TO EMAIL*** + * CC: `oss-security@lists.openwall.com` + * Subject: `Security updates for all active release lines, Month Year` + * Body: ```text - Security updates for all active release lines, Month Year - The Node.js project will release new versions of all supported release lines on or shortly after Day of week, Month Day of Month, Year For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/ ``` @@ -70,9 +71,10 @@ information described. * [ ] [Unlock CI](https://github.com/nodejs/build/blob/HEAD/doc/jenkins-guide.md#after-the-release) * [ ] Post-release announcement in reply [email][]: ***LINK TO EMAIL*** + * CC: `oss-security@lists.openwall.com` + * Subject: `Security updates for all active release lines, Month Year` + * Body: ```text - Security updates for all active release lines, Month Year - The Node.js project has now released new versions of all supported release lines. For more information see: https://nodejs.org/en/blog/vulnerability/month-year-security-releases/ ``` From 46f64437bf02f9f437b96532298f0dd7a812511b Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Tue, 29 Jun 2021 12:46:11 +0200 Subject: [PATCH 2/2] squash! doc: add cc oss-security@lists.openwall.com Update subject to include Node.js --- doc/guides/security-release-process.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/guides/security-release-process.md b/doc/guides/security-release-process.md index a2f6adfb04c87d..9517ea674f0c70 100644 --- a/doc/guides/security-release-process.md +++ b/doc/guides/security-release-process.md @@ -39,7 +39,7 @@ information described. * [ ] Pre-release announcement [email][]: ***LINK TO EMAIL*** * CC: `oss-security@lists.openwall.com` - * Subject: `Security updates for all active release lines, Month Year` + * Subject: `Node.js security updates for all active release lines, Month Year` * Body: ```text The Node.js project will release new versions of all supported release lines on or shortly after Day of week, Month Day of Month, Year @@ -72,7 +72,7 @@ information described. * [ ] Post-release announcement in reply [email][]: ***LINK TO EMAIL*** * CC: `oss-security@lists.openwall.com` - * Subject: `Security updates for all active release lines, Month Year` + * Subject: `Node.js security updates for all active release lines, Month Year` * Body: ```text The Node.js project has now released new versions of all supported release lines.