From 657246c472ee0bc9f39561dd2443db526bd0cfed Mon Sep 17 00:00:00 2001
From: Steve Boyd <emteknetnz@gmail.com>
Date: Wed, 5 Jul 2023 17:17:16 +1200
Subject: [PATCH 1/3] DOC CMS 4 Supported modules

---
 .../06_Supported_Modules.md                   | 142 ++++++++++++++++++
 1 file changed, 142 insertions(+)
 create mode 100644 en/06_Project_Governance/06_Supported_Modules.md

diff --git a/en/06_Project_Governance/06_Supported_Modules.md b/en/06_Project_Governance/06_Supported_Modules.md
new file mode 100644
index 000000000..4d98650ad
--- /dev/null
+++ b/en/06_Project_Governance/06_Supported_Modules.md
@@ -0,0 +1,142 @@
+---
+title: Supported modules
+description: Modules which are commercially supported by Silverstripe
+---
+
+# Commercially supported modules
+
+Silverstripe CMS ships modules that receive commercial support. Commercially supported modules receive regular updates to work with the latest Silverstripe CMS release. Their APIs conform to [semantic versioning](https://semver.org/). They are covered by:
+- our [security release process](/contributing/managing_security_issues) and
+- our [major release policy](major_release_policy).
+
+These modules will be supported for the lifetime of Silverstripe CMS 4 in the provided major versions.
+
+## Core Silverstripe CMS modules
+
+These modules provide the core Silverstripe CMS experience. Most Silverstripe CMS projects should install all of them.
+
+Core Module | Supported major release line
+-- | --
+[silverstripe/admin](https://packagist.org/packages/silverstripe/admin) | 1
+[silverstripe/asset-admin](https://packagist.org/packages/silverstripe/asset-admin) | 1
+[silverstripe/assets](https://packagist.org/packages/silverstripe/assets) | 1
+[silverstripe/cms](https://packagist.org/packages/silverstripe/cms) | 4
+[silverstripe/config](https://packagist.org/packages/silverstripe/config) | 1
+[silverstripe/campaign-admin](https://packagist.org/packages/silverstripe/campaign-admin) | 1
+[silverstripe/errorpage](https://packagist.org/packages/silverstripe/errorpage) | 1
+[silverstripe/framework](https://packagist.org/packages/silverstripe/framework) | 4
+[silverstripe/graphql](https://packagist.org/packages/silverstripe/graphql) | 4
+[silverstripe/installer](https://packagist.org/packages/silverstripe/installer) | 4
+[silverstripe/login-forms](https://packagist.org/packages/silverstripe/login-forms) | 4
+[silverstripe/mimevalidator](https://packagist.org/packages/silverstripe/mimevalidator) | 2
+[silverstripe/recipe-cms](https://packagist.org/packages/silverstripe/recipe-cms) | 4
+[silverstripe/recipe-core](https://packagist.org/packages/silverstripe/recipe-core) | 4
+[silverstripe/recipe-plugin](https://packagist.org/packages/silverstripe/recipe-plugin) | 1
+[silverstripe/reports](https://packagist.org/packages/silverstripe/reports) | 4
+[silverstripe/session-manager](https://packagist.org/packages/silverstripe/session-manager) | 1
+[silverstripe/siteconfig](https://packagist.org/packages/silverstripe/siteconfig) | 4
+[silverstripe/vendor-plugin](https://packagist.org/packages/silverstripe/vendor-plugin) | 1
+[silverstripe/versioned](https://packagist.org/packages/silverstripe/versioned) | 1
+[silverstripe/versioned-admin](https://packagist.org/packages/silverstripe/versioned-admin) | 1
+
+## Other supported modules
+
+These modules extend the core Silverstripe CMS functionality. Silverstripe CMS projects can pick and choose which of these modules to install based on their needs.
+
+Supported PHP Module | Supported versions
+-- | --
+[bringyourownideas/silverstripe-composer-update-checker](https://packagist.org/packages/bringyourownideas/silverstripe-composer-update-checker) | 3
+[bringyourownideas/silverstripe-composer-security-checker](https://packagist.org/packages/bringyourownideas/silverstripe-composer-security-checker) | 2
+[bringyourownideas/silverstripe-maintenance](https://packagist.org/packages/bringyourownideas/silverstripe-maintenance) | 2
+[colymba/gridfield-bulk-editing-tools](https://packagist.org/packages/colymba/gridfield-bulk-editing-tools) | 3
+[cwp/agency-extensions](https://packagist.org/packages/cwp/agency-extensions) | 2
+[cwp/cwp](https://packagist.org/packages/cwp/cwp) | 2
+[cwp/cwp-core](https://packagist.org/packages/cwp/cwp-core) | 2
+[cwp/cwp-pdfexport](https://packagist.org/packages/cwp/cwp-pdfexport) | 1
+[cwp/cwp-search](https://packagist.org/packages/cwp/cwp-search) | 1
+[cwp/starter-theme](https://packagist.org/packages/cwp/starter-theme) | 3
+[cwp/watea-theme](https://packagist.org/packages/cwp/watea-theme) | 3
+[dnadesign/silverstripe-elemental](https://packagist.org/packages/dnadesign/silverstripe-elemental) | 4
+[dnadesign/silverstripe-elemental-subsites](https://packagist.org/packages/dnadesign/silverstripe-elemental-subsites) | 2
+[dnadesign/silverstripe-elemental-userforms](https://packagist.org/packages/dnadesign/silverstripe-elemental-userforms) | 3
+[hafriedlander/phockito](https://packagist.org/packages/hafriedlander/phockito) | 1
+[hafriedlander/silverstripe-phockito](https://packagist.org/packages/hafriedlander/silverstripe-phockito) | 1
+[lekoala/silverstripe-debugbar](https://packagist.org/packages/lekoala/silverstripe-debugbar) | 2
+[silverstripe-themes/simple](https://packagist.org/packages/silverstripe-themes/simple) | 3
+[silverstripe/akismet](https://packagist.org/packages/silverstripe/akismet) | 4
+[silverstripe/auditor](https://packagist.org/packages/silverstripe/auditor) | 2
+[silverstripe/behat-extension](https://packagist.org/packages/silverstripe/behat-extension) | 4
+[silverstripe/blog](https://packagist.org/packages/silverstripe/blog) | 3
+[silverstripe/ckan-registry](https://packagist.org/packages/silverstripe/ckan-registry) | 1
+[silverstripe/comment-notifications](https://packagist.org/packages/silverstripe/comment-notifications) | 2
+[silverstripe/comments](https://packagist.org/packages/silverstripe/comments) | 3
+[silverstripe/contentreview](https://packagist.org/packages/silverstripe/contentreview) | 4
+[silverstripe/content-widget ](https://packagist.org/packages/silverstripe/content-widget) | 2
+[silverstripe/crontask](https://packagist.org/packages/silverstripe/crontask) | 2
+[silverstripe/documentconverter](https://packagist.org/packages/silverstripe/documentconverter) | 2
+[silverstripe/elemental-bannerblock](https://packagist.org/packages/silverstripe/elemental-bannerblock) | 2
+[silverstripe/elemental-fileblock](https://packagist.org/packages/silverstripe/elemental-fileblock) | 2
+[silverstripe/environmentcheck](https://packagist.org/packages/silverstripe/environmentcheck) | 2
+[silverstripe/externallinks](https://packagist.org/packages/silverstripe/externallinks) | 2
+[silverstripe/fulltextsearch](https://packagist.org/packages/silverstripe/fulltextsearch) | 3
+[silverstripe/graphql-devtools](https://packagist.org/packages/silverstripe/graphql-devtools) | 1
+[silverstripe/gridfieldqueuedexport](https://packagist.org/packages/silverstripe/gridfieldqueuedexport) | 2
+[silverstripe/html5](https://packagist.org/packages/silverstripe/html5) | 2
+[silverstripe/hybridsessions](https://packagist.org/packages/silverstripe/hybridsessions) | 2
+[silverstripe/iframe](https://packagist.org/packages/silverstripe/iframe) | 2
+[silverstripe/ldap](https://packagist.org/packages/silverstripe/ldap) | 1
+[silverstripe/lumberjack](https://packagist.org/packages/silverstripe/lumberjack) | 2
+[silverstripe/mfa](https://packagist.org/packages/silverstripe/mfa) | 4
+[silverstripe/postgresql](https://packagist.org/packages/silverstripe/postgresql) | 2
+[silverstripe/realme](https://packagist.org/packages/silverstripe/realme) | 4
+[silverstripe/recipe-authoring-tools](https://packagist.org/packages/silverstripe/recipe-authoring-tools) | 1
+[silverstripe/recipe-blog](https://packagist.org/packages/silverstripe/recipe-blog) | 1
+[silverstripe/recipe-ccl](https://packagist.org/packages/silverstripe/recipe-ccl) | 2
+[silverstripe/recipe-collaboration](https://packagist.org/packages/silverstripe/recipe-collaboration) | 1
+[silverstripe/recipe-content-blocks](https://packagist.org/packages/silverstripe/recipe-content-blocks) | 2
+[silverstripe/recipe-form-building](https://packagist.org/packages/silverstripe/recipe-form-building) | 1
+[silverstripe/recipe-reporting-tools](https://packagist.org/packages/silverstripe/recipe-reporting-tools) | 1
+[silverstripe/recipe-services](https://packagist.org/packages/silverstripe/recipe-services) | 1
+[silverstripe/recipe-solr-search](https://packagist.org/packages/silverstripe/recipe-solr-search) | 2
+[silverstripe/registry](https://packagist.org/packages/silverstripe/registry) | 2
+[silverstripe/restfulserver](https://packagist.org/packages/silverstripe/restfulserver) | 2
+[silverstripe/securityreport](https://packagist.org/packages/silverstripe/securityreport) | 2
+[silverstripe/security-extensions](https://packagist.org/packages/silverstripe/security-extensions) | 4
+[silverstripe/segment-field](https://packagist.org/packages/silverstripe/segment-field) | 2
+[silverstripe/sharedraftcontent](https://packagist.org/packages/silverstripe/sharedraftcontent) | 2
+[silverstripe/sitewidecontent-report](https://packagist.org/packages/silverstripe/sitewidecontent-report) | 3
+[silverstripe/spamprotection](https://packagist.org/packages/silverstripe/spamprotection) | 3
+[silverstripe/spellcheck](https://packagist.org/packages/silverstripe/spellcheck) | 2
+[silverstripe/sqlite3](https://packagist.org/packages/silverstripe/sqlite3) | 2
+[silverstripe/sspak](https://packagist.org/packages/silverstripe/sspak) |
+[silverstripe/staticpublishqueue](https://packagist.org/packages/silverstripe/staticpublishqueue) | 5
+[silverstripe/subsites](https://packagist.org/packages/silverstripe/subsites) | 2
+[silverstripe/tagfield](https://packagist.org/packages/silverstripe/tagfield) | 2
+[silverstripe/taxonomy](https://packagist.org/packages/silverstripe/taxonomy) | 2
+[silverstripe/textextraction](https://packagist.org/packages/silverstripe/textextraction) | 3
+[silverstripe/totp-authenticator](https://packagist.org/packages/silverstripe/totp-authenticator) | 4
+[silverstripe/userforms](https://packagist.org/packages/silverstripe/userforms) | 5
+[silverstripe/versionfeed](https://packagist.org/packages/silverstripe/versionfeed) | 2
+[silverstripe/webauthn-authenticator](https://packagist.org/packages/silverstripe/webauthn-authenticator) | 4
+[silverstripe/widgets](https://packagist.org/packages/silverstripe/widgets) | 2
+[symbiote/silverstripe-advancedworkflow](https://packagist.org/packages/symbiote/silverstripe-advancedworkflow) | 5
+[symbiote/silverstripe-gridfieldextensions](https://packagist.org/packages/symbiote/silverstripe-gridfieldextensions) | 3
+[symbiote/silverstripe-multivaluefield](https://packagist.org/packages/symbiote/silverstripe-multivaluefield) | 5
+[symbiote/silverstripe-queuedjobs](https://packagist.org/packages/symbiote/silverstripe-queuedjobs) | 4
+[tijsverkoyen/akismet](https://packagist.org/packages/tijsverkoyen/akismet) | 1
+[tractorcow/classproxy](https://packagist.org/packages/tractorcow/classproxy) | 1
+[tractorcow/silverstripe-proxy-db ](https://packagist.org/packages/tractorcow/silverstripe-proxy-db ) | 1
+[tractorcow/silverstripe-fluent](https://packagist.org/packages/tractorcow/silverstripe-fluent) | 4
+[undefinedoffset/sortablegridfield](https://packagist.org/packages/undefinedoffset/sortablegridfield) | 2
+
+## Supported NPM packages
+
+The following two NPM packages are also supported because they are required to build the UI of Silverstripe CMS 4:
+- [@silverstripe/webpack-config](https://www.npmjs.com/package/@silverstripe/webpack-config)
+- [@silverstripe/eslint-config](https://www.npmjs.com/package/@silverstripe/eslint-config)
+
+## Other modules in the "silverstripe" namespace
+
+There are other modules hosted under the _silverstripe_ Packagist namespace. These modules are maintained on a best effort basis. They are not guaranteed to go through regular regression testing. Their APIs may be more fluid than supported modules. They maybe more experimental or may not receive the same level of care as supported modules.
+
+These modules can still be used in Silverstripe CMS projects, but should be considered as community modules.
\ No newline at end of file

From 393f13dd90ddadbb1b8fa3197e1b9a0b85ac9212 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Patrick=20C=C3=B4t=C3=A9?=
 <85751624+cotpat@users.noreply.github.com>
Date: Fri, 21 Jul 2023 08:57:06 +0200
Subject: [PATCH 2/3] Update 02_configuring_your_schema.md

- Doc spoke of four keywords, but example shows seven. Corrected instances of "four" in docs with "seven".

- Made it more explicit which keywords are being referred to (I think I got it right)
---
 .../01_getting_started/02_configuring_your_schema.md          | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/en/02_Developer_Guides/19_GraphQL/01_getting_started/02_configuring_your_schema.md b/en/02_Developer_Guides/19_GraphQL/01_getting_started/02_configuring_your_schema.md
index 399c1cd85..f331877db 100644
--- a/en/02_Developer_Guides/19_GraphQL/01_getting_started/02_configuring_your_schema.md
+++ b/en/02_Developer_Guides/19_GraphQL/01_getting_started/02_configuring_your_schema.md
@@ -142,7 +142,7 @@ There are two approaches to namespacing:
 
 ##### Namespacing by filename
 
-If the filename is named one of the four keywords above, it will be implicitly placed
+If the filename is named one of the seven keywords used in the `app/_graphql/schema.yml` example above, it will be implicitly placed
 in the corresponding section of the schema - e.g. any configuration
 added to `app/_graphql/config.yml` will be implicitly added to
 `SilverStripe\GraphQL\Schema\Schema.schemas.default.config`.
@@ -177,7 +177,7 @@ will not work).
 
 ##### Namespacing by directory name
 
-If you use a parent directory name (at any depth) of one of the four keywords above, it will
+If you use a parent directory name (at any depth) of one of the seven keywords, it will
 be implicitly placed in the corresponding section of the schema - e.g. any configuration
 added to a `.yml` file in `app/_graphql/config/` will be implicitly added to
 `SilverStripe\GraphQL\Schema\Schema.schemas.default.config`.

From b6e54b10756ab02684e913bd75d925867e0195cc Mon Sep 17 00:00:00 2001
From: Guy Sartorelli <36352093+GuySartorelli@users.noreply.github.com>
Date: Mon, 31 Jul 2023 16:52:48 +1200
Subject: [PATCH 3/3] DOC Add severity rating for CVSS score of 0 (#306)

---
 en/05_Contributing/04_Release_Process.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/en/05_Contributing/04_Release_Process.md b/en/05_Contributing/04_Release_Process.md
index 395e8a56a..181c58499 100644
--- a/en/05_Contributing/04_Release_Process.md
+++ b/en/05_Contributing/04_Release_Process.md
@@ -284,6 +284,7 @@ This rating determines which release lines are targeted with security fixes.
 | **High**      | 7.0 to 8.9 | Important releases should be evaluated immediately. These issues allow an attacker to compromise a site's data and should be fixed within days. *Example: SQL injection.* |
 | **Medium**    | 4.0 to 6.9 | Releases of moderate severity should be applied as soon as possible. They allow the unauthorized editing or creation of content. *Examples: Cross Site Scripting (XSS) in template helpers.* |
 | **Low**       | 0.1 to 3.9 | Low risk releases fix information disclosure and read-only privilege escalation vulnerabilities. These updates should also be applied as soon as possible, but with an impact-dependent priority. *Example: Exposure of the core version number, Cross Site Scripting (XSS) limited to the admin interface.* |
+| **None**      | 0.0 | These releases won't affect a large majority of projects, and may not require any action. They only impact projects with extremely complex or unlikely customisations. They do not impact projects which only implement common customisations or use common features. |
 
 ### Internal Security Process