-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
A while back (cba03a5777) we gave up dividing that file into
"Developers" and "Patch contributors" - and imho that was a good
thing. The only sections in the CREDITS file by now are "Contributors"
and "Translators", where the latter just holds a link to translatewiki.
I'd (slightly) prefer to just add those who reported security issues
to the "Contributors" section (considering "reported a security
issue"
a contribution) instead of adding a new section - technically someone
reporting a security issue with a patch attached would be both a
"Vulnerability Reporter" and a "Contributor", which just seems
confusing. Besides from bikeshedding about that, I totally agree with
your proposal.
- --
Eddie
On 01.05.2018 20:34, Brian Wolff wrote:
Hi everyone,
Currently we only credit people who report security vulnerabilities
at
https://www.mediawiki.org/wiki/Wikimedia_Security_Team/Thanks
(which basically nobody reads or knows exists) and sometimes in the
commit message and release announcements. Given such people are
instrumental in keeping MediaWiki secure, I think we should also
credit them in the CREDITS file. I propose adding another section
to the file - "Vulnerability Reporters", listing the names of
everyone who has reported a security vulnerability in either
MediaWiki or a bundled extension.
Thoughts?
-- Brian _______________________________________________ Wikitech-l
mailing list Wikitech-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE/zqKboUFrd4f9T4zA/bLnFtzmKEFAlro2/UACgkQA/bLnFtz
mKHlUA//SUKpGwRUtxpkxm46T8wrwnBfSamwK7hRfv4bvAyzmyAk2YAFxh3GVvji
qUuabrnARdQn4/HgfNXqe09rPUPXrESX+Blp5JCxKQuJzgrgBeqMYlnR4JbVsA0A
ITvyTlrUKAmDJd7pjCnb+MKzd9qroTLU6PWwCh0ln0ihrx9syhzZAcNW3BB+D24B
EYHx4i7VBWWFnFgzgdif7hjO4JJ6gZvGKZaUDNkZ4ZOyRdY/+OpxRx1jqhhMDauZ
dHwk17yQYkeC9+z+GBicdtwwLs9AKbq0mz7P4DkCe6fUbtsyAlAWYB8Z8qSCvfwP
p1CFo+7L5sdc3dEq8xLhHQNRBfzOg7WMDq9T1vfaR9kxHhrfA/PPu8EFcNAMiiLe
hmHxZaKGRqB48eJGZMYUv9OAxB5fA+tUp/NdMhchkOtH1Zq1mOWv2JBzcfIm1uUY
POsFL1lgghsU9GEyRMa7EPkiFIYzHYs7OuGJUybXfaL2fGxh+zaWHVWfBjmvMABL
tL7MyY8aFUegkvod1vQIocAsBVCRx5TVibLs8WAkVfnKE7wr55msgknt/JZbiqqO
poHv0Vluvd3A86L7P17zUX/p3vo50psBv/A+0yPq0xwaosrumU+yHKzBUF2hKl8r
e6RcRA0ElzAwej6VRoErB+HkJXi+EDJdQADatB84hL9sTJi3TFg=
=0KkP
-----END PGP SIGNATURE-----