Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

docs: Add a note to contributing.md on reporting security vulnerabilities #10796

Merged
merged 2 commits into from
Sep 7, 2020

Conversation

suddjian
Copy link
Member

@suddjian suddjian commented Sep 4, 2020

SUMMARY

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TEST PLAN

ADDITIONAL INFORMATION

  • Has associated issue:
  • Changes UI
  • Requires DB Migration.
  • Confirm DB Migration upgrade and downgrade tested.
  • Introduces new feature or API
  • Removes existing feature or API

@dpgaspar dpgaspar changed the title Add a note to contributing.md on reporting security vulnerabilities docs: Add a note to contributing.md on reporting security vulnerabilities Sep 7, 2020
@dpgaspar dpgaspar merged commit 1d76c59 into master Sep 7, 2020
@dpgaspar dpgaspar deleted the security-contributing branch September 7, 2020 14:51
amitmiran137 pushed a commit to ofekisr/incubator-superset that referenced this pull request Sep 7, 2020
…boards_permissions

* upstream/master: (32 commits)
  docs: Add a note to contributing.md on reporting security vulnerabilities (apache#10796)
  Fix: Include RLS filters for cache keys (apache#10805)
  feat: filters for database list view (apache#10772)
  fix: MVC show saved query (apache#10781)
  added creator column and adjusted order columns (apache#10789)
  security: disallow uuid package on jinja2 (apache#10794)
  feat: CRUD REST API for saved queries (apache#10777)
  fix: disable domain sharding on explore view (apache#10787)
  fix: can not type `0.05` in `TextControl` (apache#10778)
  fix: pivot table timestamp grouping (apache#10774)
  fix: add validator information to email/slack alerts (apache#10762)
  More Label touchups (margins) (apache#10722)
  fix: dashboard extra filters (apache#10692)
  fix: re-installing local superset in cache image (apache#10766)
  feat: SIP-34 table list view for databases (apache#10705)
  refactor: convert DatasetList schema filter to use new distinct api (apache#10746)
  chore: removing fsevents dependency (apache#10751)
  Fix precommit hook for docs/installation.rst (apache#10759)
  feat(database): POST, PUT, DELETE API endpoints (apache#10741)
  docs: Update OAuth configuration in installation.rst (apache#10748)
  ...
@@ -264,6 +265,12 @@ If the PR passes CI tests and does not have any `need:` labels, it is ready for

If an issue/PR has been inactive for >=30 days, it will be closed. If it does not have any status label, add `inactive`.

## Reporting a Security Vulnerability

Please report security vulnerabilities to [email protected].
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually these should go to [email protected] I believe

auxten pushed a commit to auxten/incubator-superset that referenced this pull request Nov 20, 2020
…ties (apache#10796)

* a note on reporting security vulnerabilities

* mention apache security guidelines
@mistercrunch mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 0.38.0 labels Mar 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels size/XS 🚢 0.38.0
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants