Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Problem/Motivation
mlhess has taken over for greggles as the security team lead, but MAINTAINERS.txt does not reflect this.
Proposed resolution
Update MAINTAINERS.txt to reflect this change.
Remaining tasks
- Update the Security topic coordinators section to add mlhess.
- Discuss with greggles whether he wants to remain listed as well. (Current patch does not remove him since he is still active.)
Assigning to greggles for the second part. :)
| Comment | File | Size | Author |
|---|---|---|---|
| #11 | secteam-2249025-11.patch | 995 bytes | camprandall |
| #6 | secteam-2249025-6.patch | 902 bytes | xjm |
| mlhess.patch | 378 bytes | xjm | |
Comments
Comment #1
gregglesMakes sense to me, though I was never comfortable being listed there (and especially not as an individual).
I suggest it could make more sense to get a list of people who are interested in being listed there and add a link to https://drupal.org/security-team/report-issue
Comment #2
xjm@greggles, as a first step, do you think we should list just mlhess as the lead (removing you), but also add the link to the security team page?
Comment #3
gregglesAh, the use of - as a bullet point in this file threw me off on what was proposed.
I'm fine adding Michael as a first step. I'd like to see a broader call for interested people as a second step (this issue seems like a good spot to do that).
Comment #4
mlhess CreditAttribution: mlhess commentedSounds good to me as well. Maybe add the security@drupal.org address to report an issue to the security team (https://www.drupal.org/security-team)
Comment #5
gregglesI think we're trying to phase out that address for public use, right?
Comment #6
xjmHow about this?
Comment #7
mlhess CreditAttribution: mlhess commentedLooks good to me. Thanks @xjm
Comment #8
David_Rothstein CreditAttribution: David_Rothstein commented"provives" => "provides" (could be fixed on commit)
This should be backported in some form or other. Though I'd suggest keeping Greg listed there also for D6 and D7 (perhaps with some kind of "emeritus" modifier or a list of years served), unless he really doesn't want to be?
(I think there's a precedent for treating it as a "credits" list too, so keeping people who were security leads for a long time during these releases could be good. By that logic, Heine should still be listed there too of course.)
Comment #9
webchickCool, this seems good to me. For some reason I thought I remembered a discussion at NYCCamp where greggles wanted to remain on but #1 seems to imply perhaps that was a hallucination. :)
Committed and pushed to 8.x. Moving down to 7.x for discussion, since David's point in #8 is worth discussing for 6.x and 7.x. (Not as much for 8.x, IMO, because Greg's retirement pre-dates 8.x's release. Hopefully we'll get 8.x done before Michael retires, too. ;))
Comment #11
camprandall CreditAttribution: camprandall commentedI have back-ported the D8 changes to D7.
Comment #12
xjmThanks @clintrandall777@gmail.com!
Comment #13
David_Rothstein CreditAttribution: David_Rothstein commented@greggles, any thoughts on #8 and #9? Are you OK having your name totally removed (even for Drupal 7)?
Comment #14
gregglesYep, I'm fine with this.
Comment #16
dcam CreditAttribution: dcam commented11: secteam-2249025-11.patch queued for re-testing.
Comment #17
David_Rothstein CreditAttribution: David_Rothstein commentedLikely testbot glitch - moving back to RTBC.
Comment #20
dcam CreditAttribution: dcam commentedComment #22
David_Rothstein CreditAttribution: David_Rothstein commentedWent ahead and committed this to get it into the upcoming Drupal 7.30 release - thanks!