Making WordPress.org

Opened 4 years ago

Last modified 4 years ago

#5637 accepted enhancement

Email alert to plugin committer when security scanner triggers a change

Reported by: tellyworth
Owned by: dd32
Milestone:
Priority: normal
Component: Plugin Directory
Keywords:
Cc:

Description

The plugin security scanner output is currently only seen by the plugin review team: https://make.wordpress.org/meta/2021/02/19/reducing-the-plugin-review-teams-workload-through-automation/

In order to get feedback on the scan quality, and also to help plugin developers improve their code, we should email an alert to developers when their commit causes a new error in the scan.

Scans should be run with warnings suppressed. I'm not sure whether it's better to only include the new warning, or to simply send the entire output - we probably need to experiment with that.

Change History (1)

#1 @dd32
4 years ago

  • Owner set to dd32
  • Status changed from new to accepted