This is an automated email from the ASF dual-hosted git repository.
djwang pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudberry-site.git
The following commit(s) were added to refs/heads/main by this push:
new ba40d8e5 Add new security page and update related links
ba40d8e5 is described below
commit ba40d8e5cba6b253da7bdad6d8f5283f2654356e
Author: Dianjin Wang <[email protected]>
AuthorDate: Sun Dec 8 21:19:27 2024 +0800
Add new security page and update related links
As the ASF site checks[1], the "Security" should link to either to a
project-specifi page, or to the main http://www.apache.org/security
page.
[1] https://whimsy.apache.org/pods/project/cloudberry
---
docusaurus.config.ts | 4 +--
src/consts/community.tsx | 2 +-
src/consts/support.tsx | 2 +-
src/pages/community/security.md | 47 +++++++++++++++++++++++++++++++
src/pages/contribute/how-to-contribute.md | 2 +-
5 files changed, 52 insertions(+), 5 deletions(-)
diff --git a/docusaurus.config.ts b/docusaurus.config.ts
index 2dd46048..ddfe57a3 100644
--- a/docusaurus.config.ts
+++ b/docusaurus.config.ts
@@ -164,7 +164,7 @@ const config: Config = {
},
{
label: 'Security',
- to: 'https://github.com/apache/cloudberry/blob/main/SECURITY.md'
+ to: 'https://www.apache.org/security/'
},
{
label: 'Sponsorship',
@@ -225,7 +225,7 @@ const config: Config = {
},
{
label: "Security",
- to: "https://github.com/apache/cloudberry/blob/main/SECURITY.md";,
+ to: "/community/security",
},
],
},
diff --git a/src/consts/community.tsx b/src/consts/community.tsx
index 6ebc19c4..940c1d2b 100644
--- a/src/consts/community.tsx
+++ b/src/consts/community.tsx
@@ -235,7 +235,7 @@ let COMMUNITY_PAGE: CommunityPageConfig = {
"View the Apache security policy to learn how to report
security issues to us.",
link: {
text: "Learn the security policy",
- href:
"https://github.com/apache/cloudberry/blob/main/SECURITY.md";,
+ href: "/community/security",
},
},
],
diff --git a/src/consts/support.tsx b/src/consts/support.tsx
index a31f7830..32a04f1f 100644
--- a/src/consts/support.tsx
+++ b/src/consts/support.tsx
@@ -56,7 +56,7 @@ const configData = {
<>
View our{" "}
<LinkWithBaseUrl
- href="https://github.com/apache/cloudberry/blob/main/SECURITY.md";
+ href="/community/security"
className="active-color"
target="_blank"
>
diff --git a/src/pages/community/security.md b/src/pages/community/security.md
new file mode 100644
index 00000000..65ce21c2
--- /dev/null
+++ b/src/pages/community/security.md
@@ -0,0 +1,47 @@
+---
+title: Security Policy
+description: Learn how to report security issues to us.
+---
+
+# Apache Cloudberry Security
+
+The Apache Security Team handles all security issues across Apache projects and
+coordinates the response to vulnerabilities. For details on the vulnerability
+handling process, supported versions, and what is considered a security issue,
+visit: https://www.apache.org/security/.
+
+## Do not
+
+For better collaboration, we hope you:
+
+- DO NOT report non-security-impacting bugs through this channel. If you have
+ any questions on using, development, please use [GitHub
+ Issues](https://github.com/apache/cloudberry/issues),
+ [Discussions](https://github.com/apache/cloudberry/discussions), [Dev mailing
+ list](/community/mailing-lists) or
+ [Slack](https://inviter.co/apache-cloudberry) instead.
+- DO NOT report security issues on public GitHub Issues, Jira tickets, mailing
+ lists, or other public forums.
+
+## Reporting Security Issues
+
+Send your report to: [[email protected]](mailto:[email protected]).
+
+Please send one plain-text email per vulnerability with the following and
+additional information as necessary (as much as you can provide):
+
+- Description of the vulnerability
+- Steps to reproduce
+- Affected versions
+- Potential impact
+- Any known mitigations
+- (Optional) Suggested fix
+
+## Public Discussion
+
+For general security questions or discussions, please use the development
+mailing list: [[email protected]](mailto:[email protected])
+
+## Preferred Languages
+
+We prefer all communications to be in English.
diff --git a/src/pages/contribute/how-to-contribute.md
b/src/pages/contribute/how-to-contribute.md
index 676720d7..06cbb583 100644
--- a/src/pages/contribute/how-to-contribute.md
+++ b/src/pages/contribute/how-to-contribute.md
@@ -50,7 +50,7 @@ You can participate by:
Requests](https://github.com/apache/cloudberry/pulls) or
[Proposals](https://github.com/apache/cloudberry/discussions/categories/proposal).
- Proposing your proposal, see [Proposal Guide](./proposal).
-- [Reporting security
issues](https://github.com/apache/cloudberry/blob/main/SECURITY.md).
+- [Reporting security issues](/community/security).
- Testing code, testing releases.
- Creating educational content (Blog posts, tutorials, videos, etc.)
- Spreading the word about Apache Cloudberry on social media(eg,
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
