GNU bug report logs - #68962
website: directly link the security mail address

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#68962: closed (website: directly link the security mail address)
Date: Thu, 30 May 2024 13:48:02 +0000

[Message part 1 (text/plain, inline)]

Your message dated Thu, 30 May 2024 09:45:50 -0400
with message-id <878qzre7ld.fsf <at> gmail.com>
and subject line Re: bug#68962: website: directly link the security mail address
has caused the debbugs.gnu.org bug report #68962,
regarding website: directly link the security mail address
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
68962: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=68962
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
To: bug-guix <at> gnu.org
Subject: website: directly link the security mail address
Date: Wed, 7 Feb 2024 00:19:51 +0100

Is there a reason why we don't link to the mail alias directly on the
security page:
https://guix.gnu.org/en/security/

Because the mailman archive doesn't make really sense for most of the
users as it's only accessible with a password.

What about this small patch?
```
diff --git a/website/apps/base/templates/security.scm
b/website/apps/base/templates/security.scm
index 8a72950..429e5df 100644
--- a/website/apps/base/templates/security.scm
+++ b/website/apps/base/templates/security.scm
@@ -43,7 +43,7 @@ system|GNU Hurd|GNU Guix package manager|Security
updates") #\|)
         `(p
           "To report sensitive security issues in Guix itself or the
            packages it provides, you can write to the private mailing
list "
-          (a (@ (href
"https://lists.gnu.org/mailman/listinfo/guix-security"))
+          (a (@ (href "mailto:guix-security <at> gnu.org"))
              ("guix-security <at> gnu.org")) ".  This list is monitored by a
            small team of Guix developers."))
       ,(G_
```

Or is this an anti-spam measure?

~Jonathan

[Message part 3 (message/rfc822, inline)]

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: Jonathan Brielmaier <jonathan.brielmaier <at> web.de>
Cc: 68962-done <at> debbugs.gnu.org
Subject: Re: bug#68962: website: directly link the security mail address
Date: Thu, 30 May 2024 09:45:50 -0400

Hi Jonathan,

Jonathan Brielmaier <jonathan.brielmaier <at> web.de> writes:

> Is there a reason why we don't link to the mail alias directly on the
> security page:
> https://guix.gnu.org/en/security/
>
> Because the mailman archive doesn't make really sense for most of the
> users as it's only accessible with a password.
>
> What about this small patch?
>
> ```
> diff --git a/website/apps/base/templates/security.scm
> b/website/apps/base/templates/security.scm
> index 8a72950..429e5df 100644
> --- a/website/apps/base/templates/security.scm
> +++ b/website/apps/base/templates/security.scm
> @@ -43,7 +43,7 @@ system|GNU Hurd|GNU Guix package manager|Security
> updates") #\|)
>           `(p
>             "To report sensitive security issues in Guix itself or the
>              packages it provides, you can write to the private mailing
> list "
> -          (a (@ (href
> "https://lists.gnu.org/mailman/listinfo/guix-security"))
> +          (a (@ (href "mailto:guix-security <at> gnu.org"))
>                ("guix-security <at> gnu.org")) ".  This list is monitored by a
>              small team of Guix developers."))
>         ,(G_
> ```

LGTM.  I've pushed it.

-- 
Thanks,
Maxim

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.