Oliver Bertuch (Mar 09 2023 at 11:26): Oliver Bertuch (Mar 09 2023 at 11:26):Maybe we should also change permissions to create private streams to admins and mods.
Oliver Bertuch (Mar 09 2023 at 11:27):It might be a good idea to rename a few things
Oliver Bertuch (Mar 09 2023 at 11:28):E.g. rename "general" to "community" so people expect more chatiness in that channel
Oliver Bertuch (Mar 09 2023 at 11:28):It might also be useful to have an "announcement" stream that people are auto-subscribed to
Oliver Bertuch (Mar 09 2023 at 11:31):Did you read the article @Don Sizemore sent WRT to the slow death of Google Groups? I've seen Zulip allows for an inbound mail message stream. Dunno if that might be worth a try to migrate a few things to Zulip in one go. We could for example make the low frequency groups like dataverse-dev etc a Zulip stream. And maybe create one for security. Dunno...
Philip Durbin ๐ (Mar 09 2023 at 11:46):By "closed" you mean "private". I think "core team" is the only one.
Oliver Bertuch (Mar 09 2023 at 11:47):So far it's the only one, yes
Oliver Bertuch (Mar 09 2023 at 11:47):It might be interesting to have a security channel which is private with history blank for new people joining
Oliver Bertuch (Mar 09 2023 at 11:48):We could tell people to reach out to us on the community channel if they find a security thing and talk with them in such a channel
Philip Durbin ๐ (Mar 09 2023 at 11:49):Maybe, but our current practices around security chatter are probably ok. New topic, please, and probably not right now. :happy:
Oliver Bertuch (Mar 09 2023 at 11:50):Changed the topic so we can pick it up again later
Philip Durbin ๐ (Mar 09 2023 at 12:53):That's fine but it's a big lift. You'd need to convince lots of people to join Zulip first.
Philip Durbin ๐ (Mar 10 2023 at 13:22):People are starting to join! :tada:
Philip Durbin ๐ (Mar 28 2023 at 12:02):Is the following possible with Zulip? Or just a dream? "It might be interesting to have a security channel which is private with history blank for new people joining"
Oliver Bertuch (Mar 28 2023 at 12:07):
Philip Durbin ๐ (Mar 28 2023 at 12:28):Huh. Interesting. Thanks.
Philip Durbin ๐ (Mar 28 2023 at 12:31):Here's the current topic in the new security channel:
"A placeholder security stream to redirect to proper channels: security@dataverse.org and/or https://github.com/IQSS/dataverse-security โ Please don't post sensitive information here."
Philip Durbin ๐ (Mar 28 2023 at 12:32):Is a read-only stream possible? If so, maybe the #security stream could have a single topic/message saying:
"To report security issues, please email or security@dataverse.org create an issue at https://github.com/IQSS/dataverse-security"
Philip Durbin ๐ (Mar 28 2023 at 12:38):As a reminder, in 5.13 we wrote up our current practices at https://guides.dataverse.org/en/5.13/developers/security.html
We can certainly change things and edit that page! :happy:
Don Sizemore (Mar 28 2023 at 13:24):I just wanted to get ahead of someone jumping in and posting something sensitive. Read-only sounds great. It could be a private stream if we want to assume the risk that Zulip content will never be leaked?
Philip Durbin ๐ (Mar 28 2023 at 13:56):There's a "who can post to the stream" dropdown in that screenshot above. ^^
I guess that's how we could make it read only to non-admins.
(Right now "everyone" can post to #security .)
Philip Durbin ๐ (Nov 20 2023 at 13:32):We just got a security report in #security . Is that what we want?
Philip Durbin ๐ (Nov 21 2023 at 14:59):I just started a new topic about this: #security > discuss security elsewhere?
Last updated: Nov 01 2025 at 14:11 UTC