fixup! SECURITY.md: document Git for Windows' policies

As suggested in #2303 (comment): Also mention the release candidate and snapshot version numberings, e.g. that the final release's installer will claim that the release candidates are newer than the proper release. And also note the existence of the snapshots; This may encourage others to participate in the 'development'. Signed-off-by: Philip Oakley <[email protected]> Signed-off-by: Johannes Schindelin <[email protected]>
git-for-windows · Sep 30, 2019 · cf62fff · cf62fff
1 parent d7ae4d7
commit cf62fff
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -18,6 +18,20 @@ As Git for Windows bundles more than just Git (such as Bash, OpenSSL, OpenSSH, G
 
 Every Git for Windows version is tagged using a name that starts with the Git version on which it is based, with the suffix `.windows.<patchlevel>` appended. For example, Git for Windows v2.17.1' source code is tagged as [`v2.17.1.windows.1`](https://github.com/git-for-windows/git/releases/tag/v2.17.1.windows.1) (the patch level is always at least 1, given that Git for Windows always has patches on top of Git). Likewise, Git for Windows v2.17.1(2)' source code is tagged as [`v2.17.1.windows.2`](https://github.com/git-for-windows/git/releases/tag/v2.17.1.windows.2).
 
+## Release Candidate (rc) versions
+
+Git for Windows also releases versions that reflect the [upstream release candidates](https://tinyurl.com/gitCal). These contain the `-rc<n>` suffix to the expected regular git version, and before the 'windows' suffix. These releases are independent of upstream but are tied together by convention. It should be noted that these rc versions currently sort after their formal release, so appear to be newer to the updater software.
+
+[All releases](https://github.com/git-for-windows/git/releases/) are listed via a link at the footer of the [Git for Windows](https://gitforwindows.org/) home page.
+
+## Snapshot versions ('nightlies')
+
+Git for Windows also provides snapshots (these are not releases) of the progressing upstream development from the Git-for-Windows "master" branch at the [Snapshots](https://wingit.blob.core.windows.net/files/index.html) page. Link also at the footer of the [Git for Windows](https://gitforwindows.org/) home page.
+
+## Following 'upstream' developments
+
+The [gitforwindows/git repository](https://github.com/git-for-windows/git) also provides the shears/* and vs/master branches. The shears branches follow the upstream development with the addition of the Windows specific patches via automated continuous integration. The vs/master branch adds a commit on top of Git-for-Windows "master", providing the project files ready to build Git in Visual Studio using the MSVC tool chain.
+
 ## Reporting a Vulnerability
 
 Please send a mail to [email protected] when you found a security issue in Git or in Git for Windows, even when you are not 100% certain that it is _actually_ a security issue. Typically, you will receive an answer within a day or even within a few hours.