cordova-docs icon indicating copy to clipboard operation
cordova-docs copied to clipboard

Published 20 hours ago verified publisher icon apache

Security Page

Open janpio opened this issue 6 years ago • 3 comments

Cordova is currently missing a Security page at https://cordova.apache.org/security/ or similar where the process of reporting security bugs is documented, we just link to http://www.apache.org/security/ in the footer.

I suggest having a few sentences on the Cordova site itself, if only for better Google-ability.

The page could also list or link to previous CVEs: https://cordova.apache.org/announcements/2015/11/20/security.html https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-27153/Apache-Cordova.html

Some examples: https://nodejs.org/en/security/ https://www.ruby-lang.org/en/security/

janpio avatar Jul 31 '18 14:07 janpio

~~I would mark this one as a blocker.~~ (accepting the response below)

brody4hire avatar Jul 31 '18 14:07 brody4hire

https://httpd.apache.org/security/ - a classic!

brody4hire avatar Jul 31 '18 14:07 brody4hire

I would mark this one as a blocker.

I don't agree. There is a link to http://www.apache.org/security/ in the footer, see the updated description. The page itself on cordova.apache.org would just be a convenience "feature".

janpio avatar Jul 31 '18 14:07 janpio