-
Task
-
Resolution: Fixed
-
Minor
-
3.9.18, 3.11.11, 4.0.5, 4.1, 4.2
-
1
-
Team Hedgehog 2023 Sprint 1.3
In MDL-69877 a new security.txt file, following the information @ security.txt was introduced.
The security.txt file located in /security.txt must be updated regularly, shortly before it expires (defined by the Expires element within the file). This task should be completed at least two weeks prior to a major release (or at the earliest, after the major release -2 months minors are released).
As a minimum, this will involve updating the Expires value, which needs to be set to [expected subsequent major release date] + 3 WEEKS. This provides a small buffer in case the next major release is delayed. If any of other details in the security.txt need to be amended, they should also be completed at the same time.
The updates should be made to master, as well as all other security supported Moodle versions that contain security.txt. This means all supported versions have an identical security.txt file (including the same expiry).
Detailed information (to be modified for each clone of this issue):
- Branches affected: master (42), 41, 40, 311, 39.
- Expiry (4.3 release + 3 weeks): 9 October 2023 + 3 weeks = 30 October 2023
- Other changes: ... add any further changes required here
Exact formatted expiry date to use: 2023-10-30T01:00:00.000Z
How the date format was calculated (in line with the latest spec):
date --date='30 October 2023 01:00' -u +"%FT%H:%M:%S.000Z"
(This issue is part of the release process, 2 weeks before release, and will be cloned as part of it.)