Any committer can submit a devbranch build... Kind Regards, Brandon
On Tue, Feb 15, 2022 at 1:58 PM Mick Semb Wever <m...@apache.org> wrote: > > > >> We've done concurrent releases without security before, and you follow much >> closer than others. I feel most people, if they saw all of the changes >> reverted and a release of a single fix, would either instantly know it's >> security (high confidence pointer to exactly which patch) OR assume someone >> botched the release prep and draw attention to it. So we're trading "someone >> who's very involved has a high confidence it's security but has to dig >> through 30 patches to find it" vs "everyone knows exactly what's going on", >> the former seems better > > > > My initial thoughts are aligned with what Jeff writes here. Furthermore when > you apply our new-found practice of stable trunk and focus on QA, which I > hope is continuously improving, this point only becomes more valid. > > And how to do CI (we need a green CI for a release remember ;) on a private > commit is something i really am unsure how we would do…
