website/developer-docs: add templates for announcing fixed security release

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-12-22 16:13:21 +01:00
parent 7b01a208a2
commit 28eb7c03fa
No known key found for this signature in database
2 changed files with 30 additions and 1 deletions

View file

@ -115,6 +115,8 @@ If you have any questions or comments about this advisory:
<details><summary>Mailing list template</summary> <details><summary>Mailing list template</summary>
<p> <p>
Subject: `Notice of upcoming authentik Security releases 2022.10.3 and 2022.11.3`
```markdown ```markdown
We'll be publishing a security Issue and accompanying Fix on _date_, 13:00 UTC with the Criticality level High. Fixed versions x, y and z will be released alongside a workaround for previous versions. For more infos, see the authentik Security policy here: https://goauthentik.io/docs/security/policy. We'll be publishing a security Issue and accompanying Fix on _date_, 13:00 UTC with the Criticality level High. Fixed versions x, y and z will be released alongside a workaround for previous versions. For more infos, see the authentik Security policy here: https://goauthentik.io/docs/security/policy.
``` ```
@ -139,3 +141,30 @@ We'll be publishing a security Issue and accompanying Fix on _date_, 13:00 UTC w
- Cherry-pick the merge commit onto the version branch - Cherry-pick the merge commit onto the version branch
- If the fix made any changes to the API schema, manually install the latest version of the API client in `/web` - If the fix made any changes to the API schema, manually install the latest version of the API client in `/web`
- Resume the instructions above, starting with the `bumpversion` step - Resume the instructions above, starting with the `bumpversion` step
- After the release has been published, update the Discord announcement and send another mail to the mailing list to point to the new releases
<details><summary>Mailing list template</summary>
<p>
Subject: `Release of authentik Security releases 2022.10.3 and 2022.11.3`
```markdown
The security advisory has been published: https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf
Releases with fixes are being built and will be available here: https://github.com/goauthentik/authentik/releases
```
</p>
</details>
<details><summary>Discord template</summary>
<p>
```markdown
[...existing announcement...]
Edit: Advisory is here https://github.com/goauthentik/authentik/security/advisories/GHSA-mjfw-54m5-fvjf, the fixed versions are currently building and will be available here: https://github.com/goauthentik/authentik/releases
```
</p>
</details>

View file

@ -70,7 +70,7 @@ image:
- stages/captcha: customisable URLs (#3832) - stages/captcha: customisable URLs (#3832)
- stages/user_login: prevent double success message when logging in via source - stages/user_login: prevent double success message when logging in via source
- stages/user_write: always ignore `component` field and prevent warning - stages/user_write: always ignore `component` field and prevent warning
- web: fix authentification with Plex on iOS (#4095) - web: fix authentication with Plex on iOS (#4095)
- web/admin: better show metadata download for saml provider - web/admin: better show metadata download for saml provider
- web/admin: fix action button order for blueprints - web/admin: fix action button order for blueprints
- web/admin: fix alignment in tables with multiple elements in cell - web/admin: fix alignment in tables with multiple elements in cell