Two best options for applying a security patch directly?
Potential work flow
- https://www.apache.org/dev/git.html#workflow
- When applying the patch, apply directly into origin to avoid a pull request. One can do this using the following:
Git commit to origin
git commit --author="Joe Smith <joe.smith@genericinstitution.edu>"
When pushed, Git will have an entry for the author, as specified explicitly above, and the committer, whoever pushes in the patch.
Before the patch is ready
- Open a Security JIRA
- Unlike a typical patch that would go directly into a PR (pull request), the patch will be attached to the JIRA for review. Hence the need to apply the patch directly.