Skip to content

clarify preferred method for submitting security reports#4079

Merged
kcp-ci-bot merged 1 commit into
kcp-dev:mainfrom
SimonTheLeg:update-security-policy
Apr 28, 2026
Merged

clarify preferred method for submitting security reports#4079
kcp-ci-bot merged 1 commit into
kcp-dev:mainfrom
SimonTheLeg:update-security-policy

Conversation

@SimonTheLeg
Copy link
Copy Markdown
Member

@SimonTheLeg SimonTheLeg commented Apr 28, 2026

As discussed, this slightly changes the wording to prefer a GitHub security report, while still allowing to submit via email.

Summary

What Type of PR Is This?

/kind documentation

Related Issue(s)

Fixes #

Release Notes

NONE

@SimonTheLeg
clarify preferred method for submitting security reports
3595e99 
On-behalf-of: SAP <simon.bein@sap.com>
Signed-off-by: Simon Bein <simontheleg@gmail.com>
@kcp-ci-bot kcp-ci-bot added release-note-none Denotes a PR that doesn't merit a release note. kind/documentation Categorizes issue or PR as related to documentation. dco-signoff: yes Indicates the PR's author has signed the DCO. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Apr 28, 2026
xmudrii
xmudrii approved these changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@xmudrii xmudrii left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@kcp-ci-bot kcp-ci-bot added the lgtm Indicates that a PR is ready to be merged. label Apr 28, 2026
@kcp-ci-bot
Copy link
Copy Markdown
Contributor

kcp-ci-bot commented Apr 28, 2026

LGTM label has been added.

DetailsGit tree hash: 3cb55a75a37973725ab0e37c5a2c2dbb852cad39

@kcp-ci-bot kcp-ci-bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 28, 2026
mjudeikis
mjudeikis approved these changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@mjudeikis mjudeikis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/hold

As this changes the security policy, even slightly - would wait for a quorum of maintainers

@kcp-ci-bot kcp-ci-bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 28, 2026
ntnn
ntnn approved these changes Apr 28, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@ntnn ntnn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@xrstf
Copy link
Copy Markdown
Contributor

xrstf commented Apr 28, 2026

/aPpRoVe

@kcp-ci-bot
Copy link
Copy Markdown
Contributor

kcp-ci-bot commented Apr 28, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ntnn, xmudrii, xrstf

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mjudeikis
Copy link
Copy Markdown
Contributor

mjudeikis commented Apr 28, 2026

/hold cancel
majority has spoken

@kcp-ci-bot kcp-ci-bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Apr 28, 2026
@kcp-ci-bot kcp-ci-bot merged commit 6e290d3 into kcp-dev:main Apr 28, 2026
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mjudeikis mjudeikis mjudeikis approved these changes

@embik embik embik approved these changes

@ntnn ntnn ntnn approved these changes

@xmudrii xmudrii xmudrii approved these changes

+1 more reviewer

@cnvergence cnvergence cnvergence approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@mjudeikis mjudeikis

@embik embik

@ntnn ntnn

@xmudrii xmudrii

@cnvergence cnvergence

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Indicates the PR's author has signed the DCO. kind/documentation Categorizes issue or PR as related to documentation. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@SimonTheLeg @kcp-ci-bot @xrstf @mjudeikis @embik @ntnn @xmudrii @cnvergence