Two best options for applying a security patch directly?
Potential workflow
https://www.apache.org/dev/git.html#workflow
- Get a private fork on GitHub ($$) where the security group could have all pull requests that cannot be seen from the outside and frequently get synced to the main repo.
- When applying the patch, apply it directly to origin to avoid a pull request. One can do this using the following:
Git commit to origin
git commit --author="Joe Smith <joe.smith@genericinstitution.edu>"
Once pushed, the commit carries two separate entries: the author, as specified explicitly above, and the committer, whoever pushes in the patch.
Before the patch is ready
- Open a Security JIRA
- Unlike a typical patch that would go directly into a PR (pull request), the patch will be attached to the JIRA for review. Hence the need to apply the patch directly.
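The direct-apply flow above, end to end, as an added example that is not part of the original page: a reviewed patch file is applied, committed with `--author`, pushed straight to origin, and the author and committer fields are read back. The throwaway repositories, the `Release Committer` identity, `settings.conf` and the patch contents are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example on throwaway repos; identities (except the page's Joe Smith),
# file names and patch contents are constructed for illustration.

# Create a bare "origin" and a working clone; print the clone's path.
setup_demo_repo() {
  local root; root=$(mktemp -d) || return 1
  git init -q --bare "$root/origin.git" || return 1
  git clone -q "$root/origin.git" "$root/work" 2>/dev/null || return 1
  (
    cd "$root/work" || exit 1
    git config user.name "Release Committer"     # constructed committer identity
    git config user.email "committer@example.org"
    git config commit.gpgsign false
    printf 'limit=0\n' > settings.conf
    git add settings.conf && git commit -q -m "Initial import" && git push -q origin HEAD
  ) || return 1
  printf '%s\n' "$root/work"
}

# Apply a reviewed patch file, commit it under the given author, push directly
# to origin (no pull request), and print "author|committer" of the new commit.
apply_reviewed_patch() {
  local work=$1 patch=$2 author=$3 message=$4
  (
    cd "$work" || exit 1
    git apply --check --index "$patch" || exit 1  # stop if it does not apply cleanly
    git apply --index "$patch" || exit 1          # update working tree and index
    git commit -q --author="$author" -m "$message" || exit 1
    git push -q origin HEAD || exit 1
    git log -1 --format='%an <%ae>|%cn <%ce>'
  )
}

# End-to-end run with a constructed patch standing in for the JIRA attachment.
run_demo() {
  local work patch
  work=$(setup_demo_repo) || return 1
  patch=$(mktemp)
  cat > "$patch" <<'EOF'
--- a/settings.conf
+++ b/settings.conf
@@ -1 +1 @@
-limit=0
+limit=100
EOF
  apply_reviewed_patch "$work" "$patch" \
    "Joe Smith <joe.smith@genericinstitution.edu>" "Apply reviewed security fix"
}
```

The committer fields come from the `user.name` and `user.email` configured in the clone where `git commit` runs, so they identify whoever applied the patch even though the author line names the contributor.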