silverstripe-framework/docs/en/05_Contributing
Ingo Schommer af7e055574 DOCS Limited "critical security fixes" release lines
We're adopting CVSS (https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator),
which allows us to classify the impact of security issues
based on industry standard metrics.

While there is still a lot of room for interpretation,
it is more objective than our previous system of "critical/high/medium/low",
with one sentence descriptions on how we interpret that "severity rating".

This effectively changes our process to only apply
security fixes to release lines in "limited support" (currently 3.6 and 3.7)
if they're considered "critical" (CVSS > 9.0).

We've already limited preannounces to CVSS >7.0 in these docs.
2019-04-01 17:08:13 +13:00
..
00_Issues_and_Bugs.md DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00
01_Code.md DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00
02_Build_Tooling.md Documentation and linting updates 2017-03-10 11:59:38 +13:00
03_Request_for_comment.md Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
04_Release_Process.md DOCS Limited "critical security fixes" release lines 2019-04-01 17:08:13 +13:00
05_Making_A_SilverStripe_Core_Release.md DOCS Clarify security process, introduce CVE and CVSS 2019-02-26 13:48:07 +13:00
06_Documentation.md Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
07_Translations.md DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00
08_Translation_Process.md Code block whitespace / formatting cleanup 2017-10-27 15:38:27 +13:00
09_Core_committers.md Add new core committers 2018-11-14 23:06:17 +13:00
10_Code_of_conduct.md Moved "build tooling" into separate doc 2016-06-13 08:30:44 +12:00
11_Coding_Conventions.md Moved "build tooling" into separate doc 2016-06-13 08:30:44 +12:00
12_JavaScript_Coding_Conventions.md DOCS Add link to silverstripe npm account 2017-06-29 13:37:17 +12:00
13_CSS_Coding_Conventions.md Correct 13_CSS_Coding_Conventions.md 2019-02-21 15:32:45 +01:00
14_PHP_Coding_Conventions.md Remove deprecated @package and @subpackage 2018-02-28 11:45:44 +13:00
index.md DOCS Replaced references to core mailinglist with forum 2018-12-19 10:20:46 +13:00