Hi Tingyu, Malini,
Bryon and I discussed the scope of the current security effort. We realized that when security got removed from the Edinburgh release that the scope for the first security release did not stick to that define for Edinburg (crawl). Instead, items scoped for Fuji (walk) have been added to the current scope. A couple of those items are Bryon’s story/PRs for Create Vault access tokens (#1677) and Split edgex-vault Docker container … (#176). We feel that these are beyond the “crawl” stage that was originally scope for Edinburgh. There may be others, but these are two that I am aware of.
We encourage you to review stories that were not in the Edinburgh (crawl) scope and consider pushing them to the next security release allowing for us to get a “crawl” stage release out sooner than later. This is assuming that we all agree that this first security release should be at the crawl stage that we scoped for Edinburgh.