nix-security-tracker
Web service for managing information on vulnerabilities in software distributed through Nixpkgs
As a security team member or package maintainer, I want to - Update a package's source with a reference to a security record in `knownVulnerabilities` - Update a package's source...
As a security team member or package maintainer, when a security issue is resolved, I want to - Remove the reference to a security record from the package source from...
Provide functions in the backend to email maintainers of a given package. If these maintainers are known in the database, we can additionally apply their notification preferences. - `notify_maintainers_of_package(package)`...
There are two dimensions to subscribing to an issue: either you just want to keep being informed of updates, and therefore we need an RSS feed for event changes on an...
As a user, I want to be able to subscribe to public updates for an issue record via RSS/Atom.
Every day, we should determine to whom we should hand out notifications automatically. Here are the dimensions for a given issue: - last time a notification was sent to that...
Propose, as an option for security team & maintainers, a digest of unmediated issues for every week. - For security team: all open issues. - For maintainers: their open issues....
As a package maintainer, I want to control how many and which notifications for security issues I get. Depends on: - https://github.com/Nix-Security-WG/nix-security-tracker/issues/172 - #174
As a security team member, I want to observe an effect of my diligent triaging and have better matches as time passes. Depends on: - #207 - #206 - #189