-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
doc: add request to hold off publicising sec releases #46702
Conversation
mhdawson
commented
Feb 17, 2023
- We've often seen tweets go out early before announcement and other parts of the security release complete
- Make an explicit ask that collorators avoid doing this by gating on the tweet from the Node.js account
- Releasers would still be free to tweet earlier as they know when the process is complete.
Review requested:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
There's a typo in the commit message ("collorators"). Also I'm +1 for the ask but I'm not sure any collaborator reads this doc unless they are involved with a security release. I don't really have a suggestion though for where a better place to put this would be. |
- We've often seen tweets go out early before announcement and other parts of the security release complete - Make an explicit ask that collaborators avoid doing this by gating on the tweet from the Node.js account - Releasers would still be free to tweet earlier as they know when the process is complete. Signed-off-by: Michael Dawson <[email protected]>
39f0a89
to
7242478
Compare
@richardlau once we have this documented I'm going to publicise to try to make sure collaborators are aware and in cases where they are not we can point them to this doc so that we improve over time. |
Fixed the typo in the commit comment. |
- We've often seen tweets go out early before announcement and other parts of the security release complete - Make an explicit ask that collaborators avoid doing this by gating on the tweet from the Node.js account - Releasers would still be free to tweet earlier as they know when the process is complete. Signed-off-by: Michael Dawson <[email protected]> PR-URL: #46702 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Robert Nagy <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Akhil Marsonya <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
Landed in 7cb09f4 |
- We've often seen tweets go out early before announcement and other parts of the security release complete - Make an explicit ask that collaborators avoid doing this by gating on the tweet from the Node.js account - Releasers would still be free to tweet earlier as they know when the process is complete. Signed-off-by: Michael Dawson <[email protected]> PR-URL: #46702 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Robert Nagy <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Akhil Marsonya <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
- We've often seen tweets go out early before announcement and other parts of the security release complete - Make an explicit ask that collaborators avoid doing this by gating on the tweet from the Node.js account - Releasers would still be free to tweet earlier as they know when the process is complete. Signed-off-by: Michael Dawson <[email protected]> PR-URL: #46702 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Robert Nagy <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Akhil Marsonya <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Darshan Sen <[email protected]>
- We've often seen tweets go out early before announcement and other parts of the security release complete - Make an explicit ask that collaborators avoid doing this by gating on the tweet from the Node.js account - Releasers would still be free to tweet earlier as they know when the process is complete. Signed-off-by: Michael Dawson <[email protected]> PR-URL: #46702 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Robert Nagy <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Rafael Gonzaga <[email protected]> Reviewed-By: Akhil Marsonya <[email protected]> Reviewed-By: Gireesh Punathil <[email protected]> Reviewed-By: Antoine du Hamel <[email protected]> Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Darshan Sen <[email protected]>