On 8/22/12 3:23 PM, Justin Lebar wrote: > It seems like I can't push my security bug to tryserver until after I > get approval, since that would have the same problem as landing on > m-c.
This is currently a problem since the proposal codifies a way of dealing with our current issue, which is accidental exposure. In other words, we already run the risk of exposure by pushing to tryserver, whether this new policy is adopted or not (just as we do when people check into mozilla-central with a security bug at a bad time in the cycle). Al -- Program Manager Mozilla Security Team _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
