Beth Griggs

I notice this has fallen off our list a little. Today, if someone wanted to report a security issue in a plugin - where would they go? Should we start...

[SECURITY.md](https://github.com/backstage/community-plugins/blob/main/SECURITY.md) now exists, we'll iterate as needed

I haven't looked into the code yet. Does this introduce an implicit expectation on all plugin maintainers that their plugins will update to the new Backstage release at the same...

No concerns here with seeing how it goes with having this on by default, at first. As follow up question: I suppose not all of these Backstage bump PRs are...

Oh boo, this will not _just work_ because: > [yarn workspaces foreach will run a yarn command](https://yarnpkg.com/cli/workspaces/foreach), not execute a CLI*. That means that this runs [yarn npm publish](https://yarnpkg.com/cli/npm/publish) in...

Perhaps can be closed now https://github.com/backstage/community-plugins/tree/main/workspaces/grafana exists?

Should this be closed now that https://github.com/backstage/community-plugins/tree/main/workspaces/linkerd exists?

Thanks @vinzscam, changeset added 🚀

May need a rebase

Closing and reopening for CI issue (which should now hopefully be fixed by https://github.com/backstage/community-plugins/pull/875)