diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index cf290dd1c67..25b28ab0502 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -29,7 +29,8 @@ _Please detail how the changes were tested, including manual tests and any relev Here are some reminders and checklists before/when submitting your pull request, please check them: - [ ] Make sure your Pull Request has a clear title and commit message. You can take [git-commit](https://github.com/cloudberrydb/cloudberrydb/blob/main/.gitmessage) template as a reference. -- [ ] Sign the Contributor License Agreement as prompted for your first-time contribution. +- [ ] Sign the Contributor License Agreement as prompted for your first-time contribution(*One-time setup*). +- [ ] Learn the [coding contribution guide](https://cloudberrydb.org/contribute/code), including our code conventions, workflow and more. - [ ] List your communication in the [GitHub Issues](https://github.com/cloudberrydb/cloudberrydb/issues) or [Discussions](https://github.com/orgs/cloudberrydb/discussions) (if has or needed). - [ ] Document changes. - [ ] Add tests for the change diff --git a/SECURITY.md b/SECURITY.md index e118ca053cf..36b48877d28 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -44,6 +44,21 @@ For better collaboration, we hope you: Slack](https://github.com/cloudberrydb/cloudberrydb/issues/new/choose) instead. +## Handling Process + +Here's an overview of the security issues handling process: + +* The reporter reports the security issues to the Cloudberry Database + team. +* The Cloudberry Database team investigates the report and decides to + accept or reject the report. If our team rejects the report, the + team will explain why to the reporter. If we accept the report, our + team will work privately with the reporter to fix the security + issues. +* Release the new version of the Cloudberry Database that includes the + fix. +* Public the security issues. + ## Preferred Languages We prefer all communications to be in English.
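Review bot: In the `.github/pull_request_template.md` hunk, the changed CLA item reads `first-time contribution(*One-time setup*).` with no space before the opening parenthesis, so the italic note renders glued to the preceding word; write `first-time contribution (*One-time setup*).` instead. The added item `Learn the [coding contribution guide]...` is also not something a submitter can tick off in a verifiable way. Wording such as "Read the coding contribution guide and confirm the change follows its code conventions and workflow" would make the checkbox actionable.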
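Review bot: In the `SECURITY.md` hunk, the last bullet `Public the security issues.` is ungrammatical and leaves the actor and timing unstated; something like "The Cloudberry Database team publicly discloses the security issues after the fixed version is released" would match the first two bullets, which name who acts. The same applies to `Release the new version of the Cloudberry Database that includes the fix.`, which drops the subject. Since the steps are sequential, a numbered list would make the order explicit (in particular that release precedes disclosure), which the current `*` bullets only imply. The section also says the team "will work privately with the reporter" but gives no indication of how long acknowledgment or triage takes or whether the reporter is consulted on the disclosure date; if the project has such commitments, this is the place to document them.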