GHSL-2020-111 #602
Comments
|
@kevinbackhouse thanks for filing this 👍 A little bit of feedback, it's annoying that the commit format of the merged security fix doesn't follow our repositories conventional commit conventions: As a result, we end up in a position where we don't call out @jbottigliero's security fix in the automated release we create. tldr; your security patch process takes away some of our ability to manage our projects git history. Edit: for what it's worth, I added a fake commit to the history to address this issue. |
|
@jbottigliero's patch is published in |
|
@bcoe: Thank you very much for the feedback. I hadn't heard of conventional commits before! I have passed your feedback on to the team that works on the security advisories. |
|
@kevinbackhouse thanks for passing the feedback along 😄 Having the button work like squash and merge, where you can rename would do the trick ... or, better still, I bet folks would be appreciative of you adopting a prefix, like conventional commit ... shall we close this issue? |
Hello,
I am a member of the GitHub Security Lab (https://securitylab.github.com).
I've attempted to reach a maintainer for this project to report a potential security issue but have been unable to verify the report was received. Please could a project maintainer could contact us at [email protected], using reference GHSL-2020-111?
Thank you,
Kevin Backhouse
GitHub Security Lab
The text was updated successfully, but these errors were encountered: