On Sat, May 4, 2019 at 2:51 PM Sharan Foga wrote:
> ...
> Not sure if this has come up already but another idea for ApacheCon talks
> that came up in a brainstorming session (thanks Myrle :-) a few weeks ago
> was around security vulnerabilities and how to handle them
>
> For example:
> - An intr
Last year I worked with DOAP maintainers on some new security related
fields. My plan was to get ASF projects to publish useful metadata around
where to get security policies, contacts, and lists of errata in their DOAP
files. I think this is useful for vendors who use Apache projects in
their p
