x/website/internal/history: update Release for new security policy #51719
Labels
Projects
Milestone
Comments
dmitshur
added
the
NeedsFix
|
Change https://go.dev/cl/393357 mentions this issue: |
|
Change https://go.dev/cl/393356 mentions this issue: |
gopherbot
pushed a commit
to golang/website
that referenced
this issue
Mar 21, 2022
A following CL will make changes to how release content summary is represented to support the new security policy, and migrate past entries. Before doing that, add test cases for the recent releases, so the upcoming diff will be more informative during review. For golang/go#51719. Updates golang/go#38488. Change-Id: I7d26ac767e69c1ef73a94586f7c166878599864d Reviewed-on: https://go-review.googlesource.com/c/website/+/393356 Trust: Dmitri Shuralyov <dmitshur@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: Carlos Amedee <amedee@google.com> Trust: Carlos Amedee <amedee@google.com>
passionSeven
added a commit
to passionSeven/website
that referenced
this issue
Oct 18, 2022
A following CL will make changes to how release content summary is represented to support the new security policy, and migrate past entries. Before doing that, add test cases for the recent releases, so the upcoming diff will be more informative during review. For golang/go#51719. Updates golang/go#38488. Change-Id: I7d26ac767e69c1ef73a94586f7c166878599864d Reviewed-on: https://go-review.googlesource.com/c/website/+/393356 Trust: Dmitri Shuralyov <dmitshur@google.com> Run-TryBot: Dmitri Shuralyov <dmitshur@google.com> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Carlos Amedee <carlos@golang.org> Reviewed-by: Carlos Amedee <amedee@google.com> Trust: Carlos Amedee <amedee@google.com>
passionSeven
added a commit
to passionSeven/website
that referenced
this issue
Oct 18, 2022
Make it possible to use the higher-level fix summary fields, instead of CustomSummary, when a release has both bug fixes and security fixes. Rewrite the recent hand-written custom summaries to use the new fields, which produces equivalent output that differs largely in white-space and some trivial consistency fixes. Fixes golang/go#51719. Updates golang/go#38488. Updates golang/go#44918. Change-Id: I672cea21f63cb4ab9764efb6cbc783cf503b791c Reviewed-on: https://go-review.googlesource.com/c/website/+/393357 Trust: Dmitri Shuralyov <dmitshur@google.com> Reviewed-by: Carlos Amedee <amedee@google.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The
Releasestruct has fields needed to describe a Go release, including a high-level summary of the release content:With the previous Go security policy, each minor release was either a bug-fix minor release, or a security minor release, so it was viable to capture that with a single boolean:
With the current Go security policy (#44918), a Go release may include only bug fixes, only security fixes, or both at once. The last case can't be represented with the current fields, and so the
CustomSummaryescape hatch has been used so far whenever a minor release included both bug- and security fixes.Compared to listing components and packages, writing the entire custom summary is more tedious and error prone due to English grammar, and defeats the purpose of having those fields separated out (previously motivated in #38488). The past releases that used
CustomSummaryfollowed a consistent pattern, so it's viable to update them to a new representation without significant changes. This is the tracking issue for that.I've prototyped a fix and will send it via two CLs: the first one adds test data to cover recent releases, and the second changes the struct while updating the test data accordingly (it's mostly changes in whitespace, some trivial grammar diffs and minor intentional fixups).
CC @golang/release, @golang/security.
The text was updated successfully, but these errors were encountered: