Daniel Gruno wrote on 5/26/17 11:53 AM: > Hi folks, > I checked the site checker, https://whimsy.apache.org/site.cgi/ , and it > shows that HTTPd doesn't have a security link or a thanks link - both of > which are wrong. Just thought I'd shoot you a note on that subject. > > Security-wise, we point to http://httpd.apache.org/security_report.html > thanks-wise, we point to http://www.apache.org/foundation/thanks.html > both in the main template (left side menu)
There are two points to consider: - The policy only lists "Thanks" as the text for a link; httpd.a.o uses "Sponsors" for the text for what is the correct link. I'm happy to entertain specifically allowing either string for the text, I think. https://www.apache.org/foundation/marks/pmcs#navigation - Agreed, the if a_text == 'security' scan is too strict. https://github.com/apache/whimsy/blob/master/tools/site-scan.rb#L189 It should probably... scan for 'security' anywhere in the link text, where 'security' also appears anywhere in the href as well. "Security Reports" or "Report a Security Bug" are both clearly OK link texts; and as long as the href goes to *.apache.org/*security*, then we can trust the PMC is doing something appropriate with it for the site scan purposes. > > With regards, > Daniel. > -- - Shane https://www.apache.org/foundation/marks/resources
