[Openstack-security] OS security guide lacking document version information

Chivers, Doug doug.chivers at hp.com
Wed Nov 26 15:04:37 UTC 2014 

This raises some very useful points. I suggest we write some guidance on
when to update the change log Andreas linked to, such as including major
changes, additions etc. We could also consider some gerrit magic to track
minor changes, maybe cutting a Œnew for Kilo¹ changelog or similar?

Doug



On 26/11/2014 07:27, "Andreas Jaeger" <aj at suse.com> wrote:

>On 11/26/2014 08:05 AM, CF wrote:
>> Hi all,
>> 
>> I'm following the development of the OS security guide
>> (http://docs.openstack.org/security-guide/security-guide.pdf) since a
>> year and it has come a long way since then: content-wise and sheer size
>> where it has grown from 70 to 200+ pages.
>> 
>> However - IMHO - it has two major shortcomings for infrequent readers
>> like me:
>> 1) The document has no version nor version history where one could
>> quickly identify major changes/additions compared to the last version.
>> So one is forced to always skim the whole document while trying to spot
>> changes.
>
>It has one, see
>http://docs.openstack.org/security-guide/content/ch_preface.html
>
>I agree, it does not contain all the details.
>
>Should we ask for significant changes to enhance the history?
>
>
>> 
>> 2) When one downloads the document as PDF it always carries the download
>> date as its date which doesn't help with version identification either.
>> 
>> I see and appreciate that the document is maintained in a dynamic
>> fashion but at the same time would love to have frozen major versions
>> every now and then (maybe monthly?).
>
>Freezing and branching off versions is quite some overhead,
>
>Andreas
>-- 
> Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi
>  SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany
>   GF:Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB 21284 (AG Nürnberg)
>    GPG fingerprint = 93A3 365E CE47 B889 DF7F  FED1 389A 563C C272 A126
>
>_______________________________________________
>Openstack-security mailing list
>Openstack-security at lists.openstack.org
>http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-security

More information about the Openstack-security mailing list