Hi,
I'm happy to announce that our new OSSN git repository is live! I have
pre-populated it with all of the previously published Security Notes as
well as templates to aid in the creation of new Security Notes. The
repository is located here:
http://git.openstack.org/cgit/openstack/openstack-security-notes/
Now that we have this repository, we will use the normal Gerrit workflow
[1] for reviewing OSSNs. Bryan Payne, Rob Clark, and myself have +2
review permission to start with. We can certainly discuss making
changes to this, but it should be fine for now. It might be a good item
for us to discuss in Atlanta at the Summit.
Publishing of OSSNs is still a manual process. I would like to add
automatic publishing jobs, which is something that I will be looking
into. We can also potentially add check and gate jobs for things such
as formatting if desired.
I have updated the OSSN process wiki page [2] with details of the new
review procedures.
Thanks,
-NGK
[1] https://wiki.openstack.org/wiki/Gerrit_Workflow
[2] https://wiki.openstack.org/wiki/Security/Security_Note_Process