Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Security Inquiry
18 views
Skip to first unread message
Daniel F
Nov 7, 2022, 8:45:45 AM11/7/22
to OpenRefine Development
Good Morning! I initially posted in the OpenRefine group and was directed to the dev group.
I am performing a risk assessment for the use of this product on behalf of my organization. I've reviewed documentation relating to CI/CD testing with Cyprus.io and the Security tab on GitHub.
-In addition to these measures are there any security validation checks or code review for vulnerabilities that takes place internal to the development process?
I am performing a risk assessment for the use of this product on behalf of my organization. I've reviewed documentation relating to CI/CD testing with Cyprus.io and the Security tab on GitHub.
-In addition to these measures are there any security validation checks or code review for vulnerabilities that takes place internal to the development process?
-Would you consider including a hash with product downloads on openregine.org?
Thank you for you time.
Antonin Delpeuch (lists)
Nov 25, 2022, 4:21:32 AM11/25/22
to openref...@googlegroups.com
Hi Daniel,
Sorry for the delay in replying to this.
- pull requests are reviewed with security in mind, as a part of the
normal development process
- hashes have been published for some releases in the past but this has
not been systematically done because of the overhead it incurs on the
release process. But I am hoping to be able to automatize that and
publish such hashes on our website. I have opened a ticket about this:
https://github.com/OpenRefine/openrefine.org/issues/158
Note that this mailing list is closing soon but feel free to reach out
on the forum for follow-up discussion:
https://forum.openrefine.org/
Cheers,
Antonin
> openregine.org <http://openregine.org/>?
> You received this message because you are subscribed to the Google
> Groups "OpenRefine Development" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to openrefine-de...@googlegroups.com
> <mailto:openrefine-de...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/openrefine-dev/b264dbda-1283-44e5-a22c-5c859d85d492n%40googlegroups.com <https://groups.google.com/d/msgid/openrefine-dev/b264dbda-1283-44e5-a22c-5c859d85d492n%40googlegroups.com?utm_medium=email&utm_source=footer>.
Sorry for the delay in replying to this.
- pull requests are reviewed with security in mind, as a part of the
normal development process
- hashes have been published for some releases in the past but this has
not been systematically done because of the overhead it incurs on the
release process. But I am hoping to be able to automatize that and
publish such hashes on our website. I have opened a ticket about this:
https://github.com/OpenRefine/openrefine.org/issues/158
Note that this mailing list is closing soon but feel free to reach out
on the forum for follow-up discussion:
https://forum.openrefine.org/
Cheers,
Antonin
>
> Thank you for you time.
>
> --
> Thank you for you time.
>
> You received this message because you are subscribed to the Google
> Groups "OpenRefine Development" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to openrefine-de...@googlegroups.com
> <mailto:openrefine-de...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/openrefine-dev/b264dbda-1283-44e5-a22c-5c859d85d492n%40googlegroups.com <https://groups.google.com/d/msgid/openrefine-dev/b264dbda-1283-44e5-a22c-5c859d85d492n%40googlegroups.com?utm_medium=email&utm_source=footer>.
Reply all
Reply to author
Forward
0 new messages