> On 21. Feb 2021, at 16:50, Radek Antoniuk <radek.anton...@gmail.com> wrote:
>
>
> Let me know if I missed something but for me this process looks exactly the
> same when we replace Jira with GH Security Advisories system described
> above.
> The only thing I see missing here is probably the possibility for non-write
> members to be able to create the private security advisory but I can
> imagine this could be solved via a workflow or a common mailbox.
The "only thing missing" is a major reason we use Jira. And we've been pretty
terrible at mailboxes for years. The HOSTING Jira only exists because of that.
If people started reporting via email in large numbers, we'd simply fold.
At first I had a giant wall of text here, explaining in detail why it's
unnecessary, but really it boils down to GitHub Security Advisories not
offering a single thing we want or need, and don't already do (often better).
I'm really curious what you think we'd get in return for a _lot_ of additional
work, both migration and ongoing, here.
--
You received this message because you are subscribed to the Google Groups
"Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-dev+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-dev/2CF983FD-4DC7-425D-BF22-4E6B9270FAE4%40beckweb.net.
