doc: add security-steward rotation information #41707

Closed
26 changes: 26 additions & 0 deletions README.md
Expand Up @@ -729,6 +729,32 @@ use these keys to verify a downloaded file.

</details>

### Security Release Stewards

When possible the commitment to take slots in the
security release steward rotation is made by companies in order
to ensure individuals who act as security stewards have the
support and recognition from their employer to be able to
prioritize security releases. Security release stewards manage security
releases on a rotation basis as outlined in the
[security release process](./doc/contributing/security-release-process.md).

The current set of security release stewards is as follows:

* Datadog
* [bengl](https://github.com/bengl) -
**Bryan English** <<bryan@bryanenglish.com>> (he/him)
* [vdeturckheim](https://github.com/vdeturckheim) -
**Vladimir de Turckheim** <<vlad2t@hotmail.com>> (he/him)
* NearForm
* [mcollina](https://github.com/mcollina) -
**Matteo Collina** <<matteo.collina@gmail.com>> (he/him)
* Red Hat and IBM
* [mhdawson](https://github.com/mhdawson) -
**Michael Dawson** <<midawson@redhat.com>> (he/him)
* [joesepi](https://github.com/joesepi)-
**Joe Sepi** <<joesepi@ibm.com>> (he/him)

## License

Node.js is available under the
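
Review bot: In the "Red Hat and IBM" entries, `[joesepi](https://github.com/joesepi)-` is missing the space before the hyphen that every other steward entry has (compare `[mhdawson](https://github.com/mhdawson) -`); add it so the list is consistent. The opening sentence ("When possible the commitment to take slots in the security release steward rotation is made by companies in order to ensure ...") is also hard to parse; consider leading with the subject, for example "Where possible, companies commit to slots in the rotation so that individuals acting as stewards have their employer's support ...".
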
24 changes: 24 additions & 0 deletions doc/contributing/security-release-process.md
Expand Up @@ -6,6 +6,30 @@ Security Release and used to track progress on the release. It contains _**TEXT
LIKE THIS**_ which will be replaced during the release process with the
information described.

## Security release stewards

For each security release, a security steward will take ownership for
coordinating the steps outlined in this process. Security stewards
are nominated through an issue in the TSC repository and approved
through the regular TSC consensus process. Once approved they
are given access to all of the resources needed to carry out the
steps listed in the process as outlined in
[security steward on/off boarding](security-steward-on-off-boarding.md).

The current security stewards are documented in the main Node.js
[README.md](https://github.com/nodejs/node#security-stewards).

The current rotation is as follows:

| Company | Person | Release Date |
| ---------- | -------- | ------------ |
| NearForm | Matteo | Oct 21 |
| Datadog | Bryan | Jan 22 |
| RH and IBM | Joe | |
| NearForm | Matteo | |
| Datadog | Vladimir | |
| RH and IBM | Michael | |

## Planning

* [ ] Open an [issue](https://github.com/nodejs-private/node-private) titled
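
Review bot: The README link in the new "Security release stewards" section points at `https://github.com/nodejs/node#security-stewards`, but the heading this PR adds to README.md is `### Security Release Stewards`, whose generated anchor is `#security-release-stewards`, so the link will not land on the steward list; update the fragment to match the heading. In the rotation table, "Oct 21" and "Jan 22" can be read as either day-of-month or year, so an explicit form such as 2021-Oct would be clearer, and "RH and IBM" could use the same "Red Hat and IBM" label as the README.
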