On Wednesdays, security advisories go from SA draft nodes on security.drupal.org to sa nodes on www.drupal.org. This is done with some copy/paste and is tedious. Some things, like the project field, work much nicer when auto-filled (we have a query parameter for that https://www.drupal.org/node/add/sa?field_project=185188).

We can either:

  • Open up POST to RestWS from the internal network, so security.drupal.org can push the content in. Needs testing to figure out how well this works, no one has volunteered to do this for other potential robots wanting to post content.
  • Set up the node add sa form to handle population of the fields more client-side — more URL query parameters, or allow some sort of cross-site POSTing.

Comments

drumm created an issue. See original summary.

drumm’s picture

drumm
he/him
Location NY, US
commented
Related issues: +#2966246: API: Provide version number in the security advisory content type, +#2969687: Create CVE field on security advisory content type

#2966246: API: Provide version number in the security advisory content type & #2969687: Create CVE field on security advisory content type would be blockers right now.

drumm’s picture

drumm
he/him
Location NY, US
commented
Related issues: -#2966246: API: Provide version number in the security advisory content type, -#2969687: Create CVE field on security advisory content type

Ignore the last comment, posted to the wrong issue.

drumm’s picture

drumm
he/him
Location NY, US
commented
Component: Code » Security advisories

  • drumm committed 6c0175c3 on 7.x-3.x 
    Issue #2969694: Add help text & default values

  • drumm committed d964a66f on 7.x-3.x 
    Issue #2969694: Require project to be populated by URL