[RFC] Best way to update users on security patches that should be installed

[majormoses]

Currently we have no way of notifying users when we release a new version of any of the components of sensu and it's community projects. Looking for what our users would prefer, these are some options:

• mailer
• slack channel
• rss feed
• blog

relates to #78

[jaredledvina]

I personally use Github's native Atom feeds for releases (i.e. https://github.com/sensu-plugins/sensu-plugins-process-checks/releases.atom) and then use Slack's /feed command to subscribe to them. Not sure what other folks do but, this has worked very well for me so far.

[majormoses]

Do you subscribe to every single sensu service used though? between sensu, extensions, plugins, etc that is probably a lot of noise. Wondering if we should consider something a bit more short and simple just for security to avoid losing that info in the noise.

[jaredledvina]

Ah, no, as a 'user' I have subscribed to the release feed for every plugin/extension/etc that I've installed in my environment. I think a dedicate way to announce security updates makes sense. Not sure how to go about it though, I can imagine a generic 'security feed' for all of them would also be a bit noisy for folks.