This post aims to share information about the Drupal Security Team in
2011 and midway through 2012. The team processed a significant number
of security advisories, added a few members, improved the free education
materials in the handbooks, presented at dozens of camps and user
groups, and made several improvements to our workflow (including some
user facing changes, see below).
Some quick numbers:
Improved security issue reporting process
This change is so exciting that it deserves its own section in addition to being listed below. The "Report a Security Issue" link on project pages now links directly to the security.drupal.org issue queue for that project. Using that link instead of sending an e-mail removes one of the final "copy/paste" jobs from the security team’s workflow.
Some quick numbers:
- 3 team meetings at Drupalcon Chicago, Drupalcon London and Drupal Denver
- 3 core security releases in 2011 compared to 2 in 2010
- 59 contributed project security releases in 2011 compared to 113 in 2010
- 137 issues created on our private issue tracker in 2011 - security.drupal.org
- 1645 comments created on those issues on security.drupal.org in 2011 (including automated comments)
- dozens of issues were reported to the team and became public issues because they are not supported in our private process
Improved security issue reporting process
This change is so exciting that it deserves its own section in addition to being listed below. The "Report a Security Issue" link on project pages now links directly to the security.drupal.org issue queue for that project. Using that link instead of sending an e-mail removes one of the final "copy/paste" jobs from the security team’s workflow.
Read More..
For more information on Drupal Development, Drupal Expert, Drupal Developer and Drupal Programmer visit http://www.dckap.com
For more information on Drupal Development, Drupal Expert, Drupal Developer and Drupal Programmer visit http://www.dckap.com
No comments:
Post a Comment