-
Notifications
You must be signed in to change notification settings - Fork 451
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New section advisories with per-advisory pages #6492
Conversation
7971067
to
0582f0e
Compare
0582f0e
to
08dc9c4
Compare
08dc9c4
to
f00c6f6
Compare
f00c6f6
to
5ea24e1
Compare
@knz in regards to the individual advisories, it makes sense to add a published date when the customer communication went out, possibly linked back to the advisory index page too. So for example Product Advisory 42567, should have a note stated it was published 01/22/20. |
The index page already has it; I'll add it to the individual pages. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
More broadly, I'm still not clear how known limitations and tech advisories overlap or don't. Why and when would advisories be called out as known limitations? What are the differences? We don't have to answer now because I know we need this content live, but I'd like to have a follow-up conversation.
Reviewable status:
complete! 1 of 0 LGTMs obtained (waiting on @dbist, @jseldess, and @knz)
_data/advisories.yml, line 6 at r1 (raw file):
date: Feb 11, 2020 - advisory: 44166 summary: SHOW JOBS and Jobs page can endanger cluster stability
backticks: SHOW JOBS
advisories/a30821.md, line 2 at r1 (raw file):
--- title: Product Advisory 30821
Each advisory title should be changed from Product Advisory XXX
to Technical Advisory XXX
since that's what we're using the sidenav and on the advisory index page.
advisories/a30821.md, line 4 at r1 (raw file):
title: Product Advisory 30821 summary: Authentication bypass for internal RPCs toc: false
Let's use toc: true
on all advisory pages.
advisories/a30821.md, line 17 at r1 (raw file):
On October 23rd, 2018, an internal review uncovered a security vulnerability within CockroachDB's GRPC layer. This vulnerability was prioritized for a fix and repaired in v1.1.9, v2.0.6 and
We use the v
prefix here but not in many other places where we reference a version. I'd say always use the v
for consistency with the rest of our docs.
advisories/a44166.md, line 9 at r1 (raw file):
## Description When running SHOW JOBS or viewing the Jobs page in the Admin UI,
We should put backticks around SQL statement names here and throughout: SHOW JOBS
5ea24e1
to
ba9e85c
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- added the missing advisory
- performed the recommended changes, see below.
Why and when would advisories be called out as known limitations?
-
Known limitations are information targeting new uses of cockroachdb - when the application or the deployment is being initially set up. It says what you can or cannot expect from the product from the start and helps prepare the new usage.
-
Advisories are information targeting existing uses of cockroachdb, when we breach expectations set in the past. They provide information about what to do now while waiting for a fix to become available (either because we haven't fixed yet, or because the user may not be able to upgrade right away).
An advisory that reports on a regression that is not going to be addressed could become a known limitation in the next version, but I hope we won't get into that situation!
Reviewable status:
complete! 0 of 0 LGTMs obtained (and 1 stale) (waiting on @dbist and @jseldess)
_data/advisories.yml, line 6 at r1 (raw file):
Previously, jseldess (Jesse Seldess) wrote…
backticks:
SHOW JOBS
Done.
advisories/a30821.md, line 2 at r1 (raw file):
Previously, jseldess (Jesse Seldess) wrote…
Each advisory title should be changed from
Product Advisory XXX
toTechnical Advisory XXX
since that's what we're using the sidenav and on the advisory index page.
Done.
advisories/a30821.md, line 4 at r1 (raw file):
Previously, jseldess (Jesse Seldess) wrote…
Let's use
toc: true
on all advisory pages.
Done.
advisories/a30821.md, line 17 at r1 (raw file):
Previously, jseldess (Jesse Seldess) wrote…
We use the
v
prefix here but not in many other places where we reference a version. I'd say always use thev
for consistency with the rest of our docs.
Done.
advisories/a44166.md, line 9 at r1 (raw file):
Previously, jseldess (Jesse Seldess) wrote…
We should put backticks around SQL statement names here and throughout:
SHOW JOBS
Done.
ba9e85c
to
e67c9a5
Compare
Fixes #6385.