On Thu, Jun 19, 2014, at 18:23, Antoine Pitrou wrote:There's also infrastructure-staff@python.org, which is private, but they
>
>
> Le 19/06/2014 21:13, Nick Coghlan a écrit :
> > A colleague spotted a possible security issue with one of the CPython
> > workflow tools (specifically with the configuration of our
> > installation, rather than with the upstream project), and would like
> > to know where to report it securely.
> >
> > Currently the developer guide covers CPython itself
> > (security@python.org), and infrastructure@python.org is the likely
> > place for the main PSF infrastructure, but it isn't clear where such
> > problems with the CPython worfklow tools should be reported.
>
> I think security@ is fine.
> infrastructure@ is not, since anyone can read it.
don't own much of the CPython developer infra. If it's the tracker, for
example, you're better off emailing Martin/bitdancer/Ezio privately.
_______________________________________________
python-committers mailing list
python-committers@python.org
https://mail.python.org/mailman/listinfo/python-committers