doc: add check for security reverts#51376
Closed
mhdawson wants to merge 3 commits intonodejs:mainfrom
Closed
Conversation
Member
mhdawson
commented
Jan 4, 2024
mhdawson
commented
- Add step to check that any PRs with breaking changes have command line options to revert
- Add info on how to easily add command line option to revert a breaking change related to a CVE
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com>
Collaborator
|
Review requested:
|
aduh95
approved these changes
Jan 5, 2024
aduh95
reviewed
Jan 5, 2024
gireeshpunathil
approved these changes
Jan 5, 2024
bnb
reviewed
Jan 5, 2024
Comment on lines
230
to
236
| Breaking changes are allowed in existing LTS lines in order to fix | ||
| important security vulnerabilities. When breaking changes are made | ||
| it is important to provide a command line option that restores | ||
| the original behaviour. | ||
|
|
||
| Node.js includes the command line option `--security-revert` and | ||
| has the boilerplate to make additions easy. |
Contributor
There was a problem hiding this comment.
This starts by talking about LTS lines, but then switches context to Node.js includes. Upon first read, I assumed that this flag would only be included in LTS versions, missing the context switch. I'd recommend adding more, direct language about where and when this feature is available.
RafaelGSS
approved these changes
Jan 5, 2024
Co-authored-by: Antoine du Hamel <duhamelantoine1995@gmail.com>
lpinca
approved these changes
Jan 5, 2024
tniessen
approved these changes
Jan 6, 2024
mhdawson
added a commit
that referenced
this pull request
Jan 8, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Member
Author
|
Landed in 718e4e6 |
marco-ippolito
pushed a commit
to marco-ippolito/node
that referenced
this pull request
Jan 12, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Medhansh404
pushed a commit
to Medhansh404/node
that referenced
this pull request
Jan 19, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: nodejs#51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos
pushed a commit
that referenced
this pull request
Feb 15, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Merged
richardlau
pushed a commit
that referenced
this pull request
Mar 25, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
richardlau
pushed a commit
that referenced
this pull request
Mar 25, 2024
- Add step to check that any PRs with breaking changes have command line options to revert - Add info on how to easily add command line option to revert a breaking change related to a CVE Signed-off-by: Michael Dawson <midawson@redhat.com> PR-URL: #51376 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Merged
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
8 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.