Child pages
  • Policies & Processes

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 4.0

This page provides ideas, notes and proposals for the policies and processes we need to think about going forward:

  • Patches
    • How long will we give upstream to fix an issue before taking a nexenta/illumos patch?
    • How will we keep track of which issues are fixed by which patches in which branches?
    • oi-notify mailing list?
  • Security
    • What are we going to monitor for security patches/fixes? Just upstream (Osol), two upstream (Osol, IllumOS/Nexenta), up-upstream too (package providers)?
    • Who is going to monitor security issues?
    • Is there a pre-public announcement (NDA?) type relationship Oracle allows for sec issue notification?
    • Do we need a security mailing list?
  • Testing
    • What testing/checking procedures are going to be in place for accepting code?
    • Any additional/different checks or testing periods for the stable series?