On 20 June 2014 23:21, Barry Warsaw <barry@python.org> wrote:
On Jun 20, 2014, at 11:13 AM, Nick Coghlan wrote:
Currently the developer guide covers CPython itself (security@python.org), and infrastructure@python.org is the likely place for the main PSF infrastructure, but it isn't clear where such problems with the CPython worfklow tools should be reported.
security@ should be the main entry point for all security issues for Python, including infrastructure, workflow, tools, etc. The folks on that team can forward to other teams as necessary.
OK, thanks. We may want to make that scope clearer on https://www.python.org/security, as I suspect I'm not alone in assuming the security address was specifically for the interpreter, rather than also covering python.org and the workflow tools in general.
Cheers, Nick.
-- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia