I also think that we should only count PMC votes. This ML is to improve the security mechanism for Flink. Of course we don't expect to use this ML often. I hope that it's perfect if this ML is never used. However, the Flink community is growing rapidly, it's better to make our security mechanism as convenient as possible. But I agree that this ML is not a must to have, it's nice to have.
So, I give the vote as +1(binding). Best, Jincheng Robert Metzger <rmetz...@apache.org> 于2019年11月25日周一 下午9:45写道: > I agree that we are only counting PMC votes (because this decision goes > beyond the codebase) > > I'm undecided what to vote :) I'm not against setting up a new mailing > list, but I also don't think the benefit (having a private list with PMC + > committers) is enough to justify the work involved. As far as I remember, > we have received 2 security issue notices, both basically about the same > issue. I'll leave it to other PMC members to support this if they want to > ... > > > On Mon, Nov 25, 2019 at 9:15 AM Dawid Wysakowicz <dwysakow...@apache.org> > wrote: > > > Hi all, > > > > What is the voting scheme for it? I am not sure if it falls into any of > > the categories we have listed in our bylaws. Are committers votes > > binding or just PMCs'? (Personally I think it should be PMCs') Is this a > > binding vote or just an informational vote? > > > > Best, > > > > Dawid > > > > On 25/11/2019 07:34, jincheng sun wrote: > > > +1 > > > > > > Dian Fu <dian0511...@gmail.com> 于2019年11月21日周四 下午4:11写道: > > > > > >> Hi all, > > >> > > >> According to our previous discussion in [1], I'd like to bring up a > vote > > >> to set up a secur...@flink.apache.org mailing list. > > >> > > >> The vote will be open for at least 72 hours (excluding weekend). I'll > > try > > >> to close it by 2019-11-26 18:00 UTC, unless there is an objection or > not > > >> enough votes. > > >> > > >> Regards, > > >> Dian > > >> > > >> [1] > > >> > > > http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/DISCUSS-Expose-or-setup-a-security-flink-apache-org-mailing-list-for-security-report-and-discussion-tt34950.html#a34951 > > > > >