From 00ff8636a27f6d25d4abb8ea52040356df77c8a1 Mon Sep 17 00:00:00 2001 From: Jeffrey 'Alex' Clark Date: Thu, 9 Apr 2026 18:01:08 -0400 Subject: [PATCH] Remove section 7.5 Rollback Procedures Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- .github/INCIDENT_RESPONSE.md | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/.github/INCIDENT_RESPONSE.md b/.github/INCIDENT_RESPONSE.md index 4bcd22c69..c879e4ed9 100644 --- a/.github/INCIDENT_RESPONSE.md +++ b/.github/INCIDENT_RESPONSE.md @@ -168,23 +168,7 @@ For Critical and High severity where distro pre-notification improves user safet - Publish the GitHub Security Advisory. - Announce on [Mastodon](https://fosstodon.org/@pillow). -### 7.5 Rollback Procedures - -If a security patch introduces a critical regression after release: - -1. **Yank the release immediately** via the PyPI web interface: - [https://pypi.org/manage/project/pillow/](https://pypi.org/manage/project/pillow/) - (navigate to the release, click **"Yank"**). - Yanked releases remain downloadable by pinned users but are excluded from `pip install` - resolution, giving time to fix without leaving users unpatched. -2. Post a public notice in the GitHub release and on Mastodon explaining the regression and - that the release has been yanked. -3. If the previous (vulnerable) version was also yanked, **un-yank it temporarily** so users - have a functional fallback while the corrected release is prepared. -4. Prepare a corrected point release (incrementing the patch version), repeating sections 7.2–7.3. -5. Document the regression in the post-incident review (Section 9). - -### 7.6 Supply-Chain / Infrastructure Compromise +### 7.5 Supply-Chain / Infrastructure Compromise 1. **Immediately** revoke any potentially compromised credentials: - PyPI API tokens (regenerate and update in GitHub secrets) 
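Review bot: Deleting 7.5 Rollback Procedures leaves the runbook with no guidance for the case the section covered, "a security patch introduces a critical regression after release", and the commit message gives no rationale for removing it rather than revising it. The deleted text also carried the only explanation of PyPI yank semantics ("Yanked releases remain downloadable by pinned users but are excluded from `pip install` resolution"), which the Recovery step "Confirm any yanked releases are handled correctly" still depends on. Renumbering 7.6 to 7.5 and 7.7 to 7.6 also risks stale cross-references: the removed section itself pointed at "sections 7.2–7.3" and "Section 9", so this document refers to sections by number, and the patch touches only this one file. Suggest either keeping a condensed rollback note (yank the release, post a notice, cut a corrected point release) or stating in the commit message why rollback guidance is no longer needed, and confirming no other text references 7.5, 7.6 or 7.7 by number.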
@@ -199,12 +183,12 @@ If a security patch introduces a critical regression after release: 4. Notify GitHub Security if repository access or Actions secrets are involved. 5. Issue a public advisory describing the scope and any user action required. -### 7.7 Recovery +### 7.6 Recovery After the fix is released and the advisory is public: 1. Verify that the patched wheels are live on PyPI and passing CI across all supported platforms. -2. Confirm any yanked releases are handled correctly (re-yank if un-yanked as a fallback during rollback). +2. Confirm any yanked releases are handled correctly . 3. Resume normal development operations on `main`. 4. Monitor the GitHub issue tracker and Mastodon for user reports of residual problems for at least **72 hours** post-release. 5. Close the private GitHub Security Advisory once recovery is confirmed.
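Review bot: The edited Recovery step 2 now reads "Confirm any yanked releases are handled correctly ." with a stray space before the period, and with the parenthetical removed nothing in the procedure says what "handled correctly" means. Suggest either tightening it to "Confirm that the yank status of every affected release on PyPI is as intended." or dropping the step, since yanking no longer appears anywhere in the procedure shown here.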