On Wed, May 30, 2018 at 09:52:55PM +0100, Thomas Gummerer wrote:
> Add a mention of the security mailing list to the README, and to
> Documentation/SubmittingPatches.. 2caa7b8d27 ("git manpage: note
> [email protected]", 2018-03-08) already added it to the
> man page, but for developers either the README, or the documentation
> on how to contribute (SubmittingPatches) may be the first place to
> look.
>
> Use the same wording as we already have on the git-scm.com website and
> in the man page for the README, while the wording is adjusted in
> SubmittingPatches to match the surrounding document better.
>
> Signed-off-by: Thomas Gummerer <[email protected]>
> ---
> Documentation/SubmittingPatches | 13 +++++++++++++
> README.md | 3 +++
> 2 files changed, 16 insertions(+)
>
> diff --git a/Documentation/SubmittingPatches b/Documentation/SubmittingPatches
> index 27553128f5..c8f9deb391 100644
> --- a/Documentation/SubmittingPatches
> +++ b/Documentation/SubmittingPatches
> @@ -176,6 +176,12 @@ that is fine, but please mark it as such.
> [[send-patches]]
> === Sending your patches.
>
> +:security-ml: footnoteref:[security-ml,The Git Security mailing list:
> [email protected]]
> +
> +Before sending any patches, please note that patches that may be
> +security relevant should be submitted privately to the Git Security
> +mailing list{security-ml}, instead of the public mailing list.
> +
> Learn to use format-patch and send-email if possible. These commands
> are optimized for the workflow of sending patches, avoiding many ways
> your existing e-mail client that is optimized for "multipart/*" mime
> @@ -259,6 +265,13 @@ patch, format it as "multipart/signed", not a text/plain
> message
> that starts with `-----BEGIN PGP SIGNED MESSAGE-----`. That is
> not a text/plain, it's something else.
>
> +:security-ml-ref: footnoteref:[security-ml]My only feedback here is that using the footnoteref syntax to refer to the previous footnote potentially makes this a little less readable for plain text users, although it also reduces duplication. I'm not sure I feel strongly one way or the other on this. Otherwise, this looked fine to me. -- brian m. carlson: Houston, Texas, US OpenPGP: https://keybase.io/bk2204
signature.asc
Description: PGP signature
