A colleague spotted a possible security issue with one of the CPython
workflow tools (specifically with the configuration of our
installation, rather than with the upstream project), and would like
to know where to report it securely.
Currently the developer guide covers CPython itself
(security(a)python.org), and infrastructure(a)python.org is the likely
place for the main PSF infrastructure, but it isn't clear where such
problems with the CPython worfklow tools should be reported.
Regards,
Nick.
P.S. A page in the dev guide listing the new core-workflow list, the
individual workflow tools, and their maintenance arrangements would be
a nice thing to have...
--
Nick Coghlan | ncoghlan(a)gmail.com | Brisbane, Australia
I'd like to propose that we give Berker Peksag push privileges. He's
provided a number of good quality patches and done good review work on
other issues, and has been an active contributor for quite some time.
IMO we've reached the point where it will be easier to let him push
patches. (We've already had at least one instance of a committer
assuming he already could.)
I volunteer to act has his mentor for learning how to push to the
repository &c.
--David