michaeljmarshall commented on pull request #21: URL: https://github.com/apache/pulsar-site/pull/21#issuecomment-1068683673
@Anonymitaet - I did not mean to suggest that we should follow their way blindly. In my view, we should make this contact information easy to find, even if it is slightly redundant. I shared the Apache Spark page because it shows the design I have in mind. My main point is that the contact page should include information on how to report a vulnerability or it should link a user to that part of our website. Given that our "report a vulnerability" protocol is primarily "send an email to secur...@apache.org", I think it makes sense on the contact page where we have all relevant Pulsar email addresses. Beside the obvious benefit of helping security researchers know our protocol, this also ensures that users will notice that we have a well defined security protocol in place. Note that in some of the examples you shared, the community and the contact pages were joined. I agree with you that it wouldn't make sense to have the information in two places if they shared a single webpage. What is your perspective? Thanks. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@pulsar.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
