There are times it would be pretty handy to be able to "git diff" (or "git shortlog") between patch releases in, for example, the releng/14.0 branch. It seems as though it wouldn't be hard for the release engineering team to apply a tag to the git repository after they have committed sources for a new patch release.
Sounds reasonable to me, but it's the security team which does all the commits after the release. Reassigning to them.
*** Bug 279415 has been marked as a duplicate of this bug. ***
Sounds reasonable. I would create e.g. release/14.0.0-pX when we bump the version. Should we bother retroactively creating these tags for the supported releases? Cc:ing lwhsu too. Li-Wen: is there any repo-voodoo that needs to be adjusted for so to create these release/ tags?
When I create the release tags I just create a tag and push it. It's possible that I've been specially flagged to be allowed to create tags, but I don't think so.
Also would be good to have tags for every OSVERSION change as a reference points for updates between commits on STABLE. https://docs.freebsd.org/en/books/porters-handbook/versions/