Commit Graph

202 Commits

Author SHA1 Message Date
Ingo Schommer
af7e055574 DOCS Limited "critical security fixes" release lines
We're adopting CVSS (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator),
which allows us to classify the impact of security issues
based on industry standard metrics.

While there is still a lot of room for interpretation,
it is more objective than our previous system of "critical/high/medium/low",
with one sentence descriptions on how we interpret that "severity rating".

This effectively changes our process to only apply
security fixes to release lines in "limited support" (currently 3.6 and 3.7)
if they're considered "critical" (CVSS > 9.0).

We've already limited preannounces to CVSS >7.0 in these docs.
2019-04-01 17:08:13 +13:00
Ingo Schommer
62bd6ff334 DOCS Clarify security process, introduce CVE and CVSS
Moved the guts to "making a core release", since it's only really relevant to that audience.
There's more work to do around making security and non-security releases the same (less special handling),
but I think this is a good start.

[ci-skip]
2019-02-26 13:48:07 +13:00
Juan Molina
b02fd13766
Correct 13_CSS_Coding_Conventions.md
Correct two broken links and the syntax of a third one
2019-02-21 15:32:45 +01:00
Robbie Averill
7c96feef37 Merge branch '4.3' into 4 2019-01-08 12:27:48 +01:00
Robbie Averill
937d73fefc Merge branch '4.2' into 4.3
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
 #	lang/en.yml
2019-01-08 12:25:48 +01:00
Robbie Averill
280222abbe Merge branch '4.1' into 4.2
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:22:20 +01:00
Robbie Averill
802261aa4b Merge branch '4.0' into 4.1
# Conflicts:
 #	docs/en/05_Contributing/05_Making_A_SilverStripe_Core_Release.md
2019-01-08 12:21:27 +01:00
Ingo Schommer
f80e16adde DOCS clarified release EOL process 2019-01-08 12:20:17 +01:00
Ingo Schommer
9bdd5fb162 DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00
Ingo Schommer
8b601b8ecc DOCS Further wording changes to pre announce release docs 2018-12-19 09:41:59 +13:00
Ingo Schommer
cc51ffea68 DOCS Minor wording changes on release process docs 2018-12-18 16:39:32 +13:00
Daniel Hensby
1644765a9f Rebase against satis changes (#8298) 2018-12-13 16:49:12 +13:00
Damian Mooyman
22314de559 DOCS Update security release docs / satis instructions (#7681)
* DOCS Update security release docs / satis instructions

* Update based on testing
2018-12-13 15:50:50 +13:00
Scott Hutchinson
70897495d6
Add new core committers 2018-11-14 23:06:17 +13:00
Sacha Judd
f5b6ce01cf DOCS Add docs for CMS help menu links
[ci skip]
2018-10-04 10:50:57 +13:00
Ingo Schommer
7f05c7c6d4 DOCS Clarified latest vs. next 2018-09-13 08:11:07 +12:00
Ingo Schommer
793d6615eb DOCS Don't mention 5.3, its unsupported 2018-09-13 08:09:27 +12:00
Ingo Schommer
1f881f5c3f DOCS Clarify sec release process 2018-09-13 08:09:27 +12:00
Ingo Schommer
dd4bcac3a7 DOCS Release support clarification
See https://github.com/silverstripe/silverstripe-framework/issues/8189
2018-09-13 08:09:24 +12:00
Ingo Schommer
e5371091fa DOCS Simpler description on pull request target 2018-09-05 13:54:31 +12:00
Ingo Schommer
b4d5d9f1ff DOCS Clarified issue labelling 2018-09-05 13:54:17 +12:00
Ingo Schommer
2e1e8e07b9 DOCS Consistent app/ folder and composer use
- Stronger wording around "use composer"
- Consistent domain and email address naming
- Removed example for publishing non-composer modules (those shouldn't be encouraged)
- Removed instructions for installing modules from archives

[ci skip]
2018-06-25 10:40:19 +12:00
Sam Minnée
4ccacf509f
Add semver reference in core committers guide 2018-05-21 14:08:52 +12:00
Robbie Averill
fe5a271634
Merge pull request #8048 from open-sausages/pulls/4/docs-release-proc
Release process docs improvements
2018-05-08 11:25:15 +12:00
Ingo Schommer
10328a8970 Less conflicting statement on security fix release lines 2018-05-07 21:20:39 +12:00
Ingo Schommer
27ec9724cb Document contributing committers
See https://github.com/silverstripe/silverstripe-framework/pull/8021#issuecomment-386423095
2018-05-07 20:07:13 +12:00
Robbie Averill
53938f3bde
DOCS Update references to open source JIRA > GitHub, minimum PHP version update 2018-05-07 14:27:43 +12:00
Ingo Schommer
63b1f0153d Clarify roadmap and change releases location for docs 2018-05-03 15:19:45 +12:00
Ingo Schommer
4ccfa94132 Removed docs about pre-semver times
We no longer support those versions, so it's just noise.
2018-05-03 14:52:52 +12:00
Daniel Hensby
33a17d8dd2
Merge pull request #7925 from open-sausages/pulls/4/youve-been-committed
Add Paul to core designers team
2018-03-13 11:36:15 +00:00
Christopher Joe
f437d52255 Add Paul to core designers team 2018-03-13 17:55:43 +13:00
Ingo Schommer
9a85e4d6e8 Remove Jono from Core Committers :( 2018-03-13 10:25:02 +13:00
Ingo Schommer
e71a70217f Remove Stig/Sean from Core Committers :( 2018-03-13 10:23:55 +13:00
Ingo Schommer
c2ac52c271 Remove Hamish from core committers :( 2018-03-13 10:12:41 +13:00
Ingo Schommer
13c9372a1d Clarify docs around security releases on supported modules 2018-03-07 11:07:17 +13:00
worikgh
1fe1d9a822
Remove deprecated @package and @subpackage
On Slack #General at 11:17 nightjarnz maintains that @package is deprecated.
2018-02-28 11:45:44 +13:00
Ingo Schommer
d4fc08b206
Closing bracket 2018-02-14 10:14:44 +13:00
Ingo Schommer
6fab007138
Link to UX issues 2018-02-14 10:14:22 +13:00
Robbie Averill
ef6b03a35a
Merge pull request #7843 from open-sausages/pulls/4/docs-blog-release
DOCS Blog on release process
2018-02-07 18:29:32 +13:00
Ingo Schommer
b5987b68c6 DOCS Blog on release process 2018-02-07 16:02:27 +13:00
Scott Hutchinson
496ca4457a
Update 09_Core_committers.md 2018-02-05 14:45:50 +13:00
Ingo Schommer
26c3e224db Remove module-specific docs instructions
We have too many docs to list these out now,
even in 3.x this was a bit of a stopgap solution.
Point to a centrally managed URL on silverstripe.org
instead, where we can update the list of "core modules" regularly
without breaking URLs in the docs etc

Note that these URLs are also used internally by the
Open Sourcerers team.
2018-01-30 09:08:49 +13:00
Ingo Schommer
bf8790a893 Docs: Remove forum and IRC references 2017-12-19 11:45:27 +13:00
Saophalkun Ponlu
e0e50c79fd Update CSS conventions doc 2017-12-18 16:01:52 +13:00
Ingo Schommer
58da8c47cb Moved security process from JIRA to Github
JIRA isn't fully under the OSS team's control,
and played up in the past (Dan couldn't move issues).
Since Github has project boards now, and we're paying
for private repos on github.com/silverstripe-security already anyway,
there's no reason to introduce another tool (JIRA) into our workflows.

No need to move existing issues, the JIRA board hasn't been used in a while.
Which leads to unclear ownership and status of security issues,
and is exactly the reason for this change ;)
2017-11-15 07:44:17 +13:00
Damian Mooyman
cdfb413395
Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
Aaron Carlino
50c8a02bff remove tabs 2017-08-07 15:11:17 +12:00
Aaron Carlino
84feab5a68 Yeah psr2 functions 2017-08-07 14:01:38 +12:00
Aaron Carlino
2414eaeafd Yay, clean arrays 2017-08-07 14:01:38 +12:00
Aaron Carlino
eb1695c03d Replace all legacy ::: syntax with GFMD tags 2017-08-07 14:01:38 +12:00