Add security page and use common menu items

garydgregory · garydgregory · commit 2bf6e53e95cc · 2025-01-17T09:48:47.000-05:00
diff --git a/src/site/site.xml b/src/site/site.xml
@@ -15,27 +15,29 @@
  See the License for the specific language governing permissions and
  limitations under the License.
 -->
-<project name="Commons CSV">
-  <bannerRight>
-    <name>Apache Commons CSV</name>
-    <src>/images/logo.png</src>
-    <href>/index.html</href>
-    <alt>Apache Commons CSV&amp;trade; logo</alt>
+<site xmlns="http://maven.apache.org/SITE/2.0.0" 
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SITE/2.0.0 https://maven.apache.org/xsd/site-2.0.0.xsd"
+  name="Apache Commons CSV">
+  <bannerRight name="Commons CSV" href="/index.html">
+    <image src="/images/logo.png"/>
   </bannerRight>
   <body>
     <menu name="Commons CSV">
-      <item name="Overview"        href="/index.html"/>
-      <item name="Download"        href="/download_csv.cgi"/>
-      <item name="User Guide"      href="/user-guide.html"/>
-      <item name="Javadoc"         href="/apidocs/index.html"/>
-      <item name="Javadoc Archive" href="https://javadoc.io/doc/org.apache.commons/commons-csv/latest/index.html"/>
+      <!-- Start: For all components. -->
+      <item name="About" href="index.html" />
+      <item name="Asking Questions" href="/mail-lists.html" />
       <item name="Release History" href="/changes.html" />
-    </menu>
-    <menu name="Development">
-      <item name="Mailing Lists"   href="/mail-lists.html"/>
-      <item name="Issue Tracking"  href="/issue-tracking.html"/>
-      <item name="Team"            href="/team.html"/>
-      <item name="Source"          href="/scm.html"/>
+      <item name="Issue Tracking" href="/issue-management.html" />
+      <item name="Dependency Management" href="/dependency-info.html" />
+      <item name="Javadoc" href="apidocs/index.html" />
+      <item name="Javadoc Archive" href="https://javadoc.io/doc/org.apache.commons/commons-csv/" />
+      <item name="Sources" href="/scm.html" />
+      <item name="Security" href="security.html" />
+      <item name="License" href="https://www.apache.org/licenses/LICENSE-2.0" />
+      <item name="Code of Conduct" href="https://www.apache.org/foundation/policies/conduct.html" />
+      <item name="Download" href="https://commons.apache.org/proper/commons-csv/download_bcel.cgi" />
+      <!-- End: For all components. -->
     </menu>
   </body>
-</project>
+</site>
diff --git a/src/site/xdoc/security.xml b/src/site/xdoc/security.xml
@@ -0,0 +1,51 @@
+<?xml version="1.0"?>
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements.  See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership.  The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License.  You may obtain a copy of the License at
+
+   https://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied.  See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<document xmlns="http://maven.apache.org/XDOC/2.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/XDOC/2.0 https://maven.apache.org/xsd/xdoc-2.0.xsd">
+  <properties>
+    <title>Apache Commons Security Reports</title>
+    <author email="dev@commons.apache.org">Apache Commons Team</author>
+  </properties>
+  <body>
+    <section name="About Security">
+      <p>
+        For information about reporting or asking questions about security, please see
+        <a href="https://commons.apache.org/security.html">Apache Commons Security</a>.
+      </p>
+      <p>This page lists all security vulnerabilities fixed in released versions of this component. 
+      </p>
+      <p>Please note that binary patches are never provided. If you need to apply a source code patch, use the building instructions for the component version
+        that you are using. 
+      </p>
+      <p>
+        If you need help on building this component or other help on following the instructions to mitigate the known vulnerabilities listed here, please send
+        your questions to the public
+        <a href="mail-lists.html">user mailing list</a>.
+      </p>
+      <p>If you have encountered an unlisted security vulnerability or other unexpected behavior that has security impact, or if the descriptions here are
+        incomplete, please report them privately to the Apache Security Team. Thank you. 
+      </p>
+    </section>
+    <section name="Security Vulnerabilities">
+      <p>None.</p>
+    </section>
+  </body>
+</document>
