[TYPO3-v4] Suggestion: Security commit messages
Stefan Neufeind
typo3.neufeind at speedpartner.de
Wed Sep 14 15:11:55 CEST 2011
Sounds fine to me - also considering to adopt !!! from FLOW3 :-)
Regards,
Stefan
On 09/14/2011 03:07 PM, Kay Strobach wrote:
> Hi,
>
> i like the idea ;)
>
> Regards
> Kay
>
> Am 14.09.2011 14:09, schrieb Ernesto Baschny [cron IT]:
>> Hi,
>>
>> 1)
>> currently our TYPO3v4 commit messages for security issues don't look
>> different from regular commits. E.g. for our latest release:
>>
>> [BUGFIX] Disabling the cache does not work on invalid cHash value
>> (Daniel Pötzinger)
>>
>> I would suggest to add a new flag (see [1]) called [SECURITY] to add
>> some weight to these changes:
>>
>> [BUGFIX][SECURITY] Disabling the cache does not work on invalid cHash
>> value (Daniel Pötzinger)
>>
>>
>> 2)
>> Another issue I found while re-reading the wiki page. Someone added this
>> note:
>>
>> Note: In FLOW3 the [!!!] prefix is added at the very beginning of the
>> line, so it doesn't get overlooked.
>>
>> Maybe we should / could also add this to our TYPO3v4 rules, so that they
>> don't diverge from FLOW3, as it makes sense? We haven't had that much
>> "!!!" usage anyway, since we almost never break backwards compatibility. ;)
>>
>>
>> Any other suggestion around this? I would document that on the mentioned
>> wiki page [1].
>>
>> Cheers,
>> Ernesto
>>
>> [1] http://wiki.typo3.org/CommitMessage_Format_%28Git%29
More information about the TYPO3-project-v4
mailing list