You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@netbeans.apache.org by Geertjan Wielenga <ge...@googlemail.com.INVALID> on 2019/01/31 12:57:11 UTC
Ready for Review: Apache NetBeans Maturity Model Assessment
Hi all,
As part of the process to move us out of the Apache Incubator, we need to
do a self-analysis of our maturity as an Apache project.
I have completed the self-analysis here:
https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+Model+Assessment+for+NetBeans
Comments are welcome and needed!
Feel free to respond in this thread with caveats, thoughts, additions,
comments, insights, etc.
Thanks,
Gj
RE: Ready for Review: Apache NetBeans Maturity Model Assessment
Posted by Eduardo Quintanilla <eq...@bnext.mx>.
The following page provides more information https://www.apache.org/security/committers.html
The project security page is suggested.
Eduardo Quintanilla
Software Developer
Block Networks
-----Original Message-----
From: Geertjan Wielenga <ge...@googlemail.com.INVALID>
Sent: jueves, 31 de enero de 2019 9:32 a. m.
To: dev <de...@netbeans.incubator.apache.org>
Subject: Re: Ready for Review: Apache NetBeans Maturity Model Assessment
That is very closely read, i.e., that's the one item I was least confident about.
On the other hand, here's the security page of one the other Apache projects, which doesn't say much more than the official Apache security page contains:
http://servicecomb.apache.org/security/
Though, indeed, having our own security page with a list of CVE-s could be good, though I feel what is there, given the above page not being much more, is sufficient -- unless there is strong objection?
Gj
On Thu, Jan 31, 2019 at 4:18 PM Laszlo Kishalmi <la...@gmail.com>
wrote:
> Dear Geertjan, community,
>
> On QU30. The project provides a well-documented channel to report
> security issues, along with a documented way of responding to them.
>
> The: "Website provides a link in the footer to the Apache Security
> page <https://www.apache.org/security/>." I guess satisfies the
> criteria, though shouldn't have we have an own security page, listing
> our CVE-s and how to address them, then a link from there to the
> Apache Security page?
>
> On 1/31/19 4:57 AM, Geertjan Wielenga wrote:
> > Hi all,
> >
> > As part of the process to move us out of the Apache Incubator, we
> > need to do a self-analysis of our maturity as an Apache project.
> >
> > I have completed the self-analysis here:
> >
> >
> https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+M
> odel+Assessment+for+NetBeans
> >
> > Comments are welcome and needed!
> >
> > Feel free to respond in this thread with caveats, thoughts,
> > additions, comments, insights, etc.
> >
> > Thanks,
> >
> > Gj
> >
>
Re: Ready for Review: Apache NetBeans Maturity Model Assessment
Posted by Geertjan Wielenga <ge...@googlemail.com.INVALID>.
That is very closely read, i.e., that's the one item I was least confident
about.
On the other hand, here's the security page of one the other Apache
projects, which doesn't say much more than the official Apache security
page contains:
http://servicecomb.apache.org/security/
Though, indeed, having our own security page with a list of CVE-s could be
good, though I feel what is there, given the above page not being much
more, is sufficient -- unless there is strong objection?
Gj
On Thu, Jan 31, 2019 at 4:18 PM Laszlo Kishalmi <la...@gmail.com>
wrote:
> Dear Geertjan, community,
>
> On QU30. The project provides a well-documented channel to report
> security issues, along with a documented way of responding to them.
>
> The: "Website provides a link in the footer to the Apache Security page
> <https://www.apache.org/security/>." I guess satisfies the criteria,
> though shouldn't have we have an own security page, listing our CVE-s
> and how to address them, then a link from there to the Apache Security
> page?
>
> On 1/31/19 4:57 AM, Geertjan Wielenga wrote:
> > Hi all,
> >
> > As part of the process to move us out of the Apache Incubator, we need to
> > do a self-analysis of our maturity as an Apache project.
> >
> > I have completed the self-analysis here:
> >
> >
> https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+Model+Assessment+for+NetBeans
> >
> > Comments are welcome and needed!
> >
> > Feel free to respond in this thread with caveats, thoughts, additions,
> > comments, insights, etc.
> >
> > Thanks,
> >
> > Gj
> >
>
Re: Ready for Review: Apache NetBeans Maturity Model Assessment
Posted by Laszlo Kishalmi <la...@gmail.com>.
Dear Geertjan, community,
On QU30. The project provides a well-documented channel to report
security issues, along with a documented way of responding to them.
The: "Website provides a link in the footer to the Apache Security page
<https://www.apache.org/security/>." I guess satisfies the criteria,
though shouldn't have we have an own security page, listing our CVE-s
and how to address them, then a link from there to the Apache Security page?
On 1/31/19 4:57 AM, Geertjan Wielenga wrote:
> Hi all,
>
> As part of the process to move us out of the Apache Incubator, we need to
> do a self-analysis of our maturity as an Apache project.
>
> I have completed the self-analysis here:
>
> https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+Model+Assessment+for+NetBeans
>
> Comments are welcome and needed!
>
> Feel free to respond in this thread with caveats, thoughts, additions,
> comments, insights, etc.
>
> Thanks,
>
> Gj
>
Re: Ready for Review: Apache NetBeans Maturity Model Assessment
Posted by Antonio <an...@vieiro.net>.
+1
Reviewed. No comments from me. Looks perfect. Thanks, Geertjan!
El 31/01/2019 a las 13:57, Geertjan Wielenga escribió:
> Hi all,
>
> As part of the process to move us out of the Apache Incubator, we need to
> do a self-analysis of our maturity as an Apache project.
>
> I have completed the self-analysis here:
>
> https://cwiki.apache.org/confluence/display/NETBEANS/Apache+Maturity+Model+Assessment+for+NetBeans
>
> Comments are welcome and needed!
>
> Feel free to respond in this thread with caveats, thoughts, additions,
> comments, insights, etc.
>
> Thanks,
>
> Gj
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@netbeans.incubator.apache.org
For additional commands, e-mail: dev-help@netbeans.incubator.apache.org
For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists