Re: How to coordinate web team for security releases?

Devrim GUNDUZ <devrim@CommandPrompt.com> writes:
> On Mon, 2007-02-05 at 16:38 -0500, Tom Lane wrote:
>> * Dave (and Devrim too) making commits that made it obvious something
>> was afoot.  They could and should have used the Security: filter that
>> Marc set up to cause those messages to be held for moderator approval.

> How?

If there's a line beginning 'Security: ' (note the space, and I think
it's case sensitive) in a pgsql-committers message then it'll get held
for moderator approval.  You'll see some examples as soon as Marc gets
around to releasing my commits from last week.  I thought Marc was going
to notify all the committers about the existence of this mechanism, but
I guess it didn't happen.

> Does it also work for pgfoundry commits?

AFAIK any traffic to pgsql-committers will be handled this way.  If
you've got other outlets for your commit messages then you need to take
it up with them.

> It should be sent to the slaves list I think, as JoshB said in his
> e-mail. It is closed subscription.

I could go with using either slaves or -packagers, though I'd lean to
the former as helping to avoid useless cross-chatter.  I think the
packagers have different concerns as a rule than the webfolk.
        regards, tom lane