Making WordPress.org

Opened 9 months ago

Last modified 9 months ago

#5637 accepted enhancement

Email alert to plugin committer when security scanner triggers a change

Reported by: tellyworth
Owned by: dd32
Milestone:
Priority: normal
Component: Plugin Directory
Keywords:


The plugin security scanner output is currently only seen by the plugin review team: https://make.wordpress.org/meta/2021/02/19/reducing-the-plugin-review-teams-workload-through-automation/

In order to get feedback on the scan quality, and also to help plugin developers improve their code, we should email an alert to developers when their commit causes a new error in the scan.

Scans should be run with warnings suppressed. I'm not sure whether it's better to only include the new warning, or to simply send the entire output - we probably need to experiment with that.
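
One way to decide when a commit "causes a new error" and what the alert lists, as an added example that is not the Plugin Directory's code. The finding record shape, the rule names, the function names, the plugin slug and the address are all assumptions made for illustration.

```python
from collections import Counter
from email.message import EmailMessage

def _key(finding):
    # Line numbers are left out of the key so that code which only moved
    # within a file is not reported as a new error.
    return (finding["file"], finding["rule"], finding["message"])

def errors_only(findings):
    """Drop warnings, matching a scan run with warnings suppressed."""
    return [f for f in findings if f["severity"] == "error"]

def new_errors(before, after):
    """Errors in `after` that have no counterpart in `before`."""
    remaining = Counter(_key(f) for f in errors_only(before))
    fresh = []
    for f in errors_only(after):
        if remaining[_key(f)] > 0:
            remaining[_key(f)] -= 1  # already present before the commit
        else:
            fresh.append(f)
    return fresh

def build_alert(slug, revision, committer, before, after, full_output=False):
    """Return an EmailMessage, or None when the commit added no new error."""
    fresh = new_errors(before, after)
    if not fresh:
        return None
    listed = errors_only(after) if full_output else fresh
    msg = EmailMessage()
    msg["To"] = committer
    msg["Subject"] = f"[{slug}] r{revision}: {len(fresh)} new security scan error(s)"
    msg.set_content("\n".join(
        f"{f['file']}:{f['line']} {f['rule']}: {f['message']}" for f in listed))
    return msg

# Constructed sample scan results (not real scanner output).
UNESCAPED = {"file": "admin.php", "severity": "error",
             "rule": "example.unescaped-output", "message": "Output is not escaped"}
BEFORE = [dict(UNESCAPED, line=10)]
AFTER = [
    dict(UNESCAPED, line=14),  # same error, shifted by the commit
    {"file": "ajax.php", "line": 7, "severity": "error",
     "rule": "example.missing-nonce", "message": "Request is not verified"},
    {"file": "ajax.php", "line": 30, "severity": "warning",
     "rule": "example.style", "message": "Prefer strict comparison"},
]
```

Passing `full_output=True` switches the body from the new errors only to every error in the post-commit scan, which are the two variants the ticket proposes to experiment with.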

Change History (1)

#1 @dd32
9 months ago

  • Owner set to dd32
  • Status changed from new to accepted