Siren by OpenSSF
This seems like a pretty useful service for getting early signals around disclosures and such. Given how many projects in the supply chain they are tracking are from the ASF I wonder if we need to be on a receiving end of it either via security@a.o or some other way? https://openssf.org/blog/2024/05/20/enhancing-open-source-security-introducing-siren-by-openssf/ Thoughts? Thanks, Roman. - To unsubscribe, e-mail: dev-unsubscr...@community.apache.org For additional commands, e-mail: dev-h...@community.apache.org
ASF board report wizard - missing data?
Hi, I was looking at https://reporter.apache.org/wizard/statistics?sling and it seems like data is missing: - nothing for Jira since Apr 2024 - no commits since Apr 2024 - no GitHub PRs since Dec 2024 Is there something we need to check on our side? (please keep me in CC, I am not subscribed to this list). Thanks, Robert - To unsubscribe, e-mail: dev-unsubscr...@community.apache.org For additional commands, e-mail: dev-h...@community.apache.org
