I agree that we are only counting PMC votes (because this decision goes beyond the codebase)
I'm undecided what to vote :) I'm not against setting up a new mailing list, but I also don't think the benefit (having a private list with PMC + committers) is enough to justify the work involved. As far as I remember, we have received 2 security issue notices, both basically about the same issue. I'll leave it to other PMC members to support this if they want to ... On Mon, Nov 25, 2019 at 9:15 AM Dawid Wysakowicz <dwysakow...@apache.org> wrote: > Hi all, > > What is the voting scheme for it? I am not sure if it falls into any of > the categories we have listed in our bylaws. Are committers votes > binding or just PMCs'? (Personally I think it should be PMCs') Is this a > binding vote or just an informational vote? > > Best, > > Dawid > > On 25/11/2019 07:34, jincheng sun wrote: > > +1 > > > > Dian Fu <dian0511...@gmail.com> 于2019年11月21日周四 下午4:11写道: > > > >> Hi all, > >> > >> According to our previous discussion in [1], I'd like to bring up a vote > >> to set up a secur...@flink.apache.org mailing list. > >> > >> The vote will be open for at least 72 hours (excluding weekend). I'll > try > >> to close it by 2019-11-26 18:00 UTC, unless there is an objection or not > >> enough votes. > >> > >> Regards, > >> Dian > >> > >> [1] > >> > http://apache-flink-mailing-list-archive.1008284.n3.nabble.com/DISCUSS-Expose-or-setup-a-security-flink-apache-org-mailing-list-for-security-report-and-discussion-tt34950.html#a34951 > >
