Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [oniro-dev] [oniro-wg] Oniro security process update 
Hello Marta and Mikael,

On Wednesday, 16 November 2022 07:09:30 CET Marta Rybczynska wrote:
> Thank you Andrei.
> 
> It means that we have Andrei and me as candidates. We should have a vote
> now. Agustin, do we have a way to create a custom vote, or we just use the
> mailing list?

I understand this is a purely technical topic so the team should be selected 
among developers. I assume then that PMC is a good place to deal with this 
topic.

So removing oniro-wg from the thread.

@Mikael, maybe we should consult this specific point with EMO. I assume they 
would like to go a process that can be extensible to any project. If yes, 
should I open a ticket to EMO or would you?

Maybe we can think of the figure of the security coordinator. Given how 
security in open source works, you might need somebody empowered to represent 
the project in this topic outside EF. Maybe the project lead could be another 
option. This figure would also help EF to have ambassadors within the projects 
to promote good practices. Also a group of subject matter experts the EF 
security team can work with on a more regular basis.

> 
> Kind regards,
> Marta
> 
> On Fri, 4 Nov 2022 at 18:16, Andrei Gherzan <andrei.gherzan@xxxxxxxxxx>
> 
> wrote:
> > Hi Marta,
> > 
> > 
> > 
> > I’m happy to help with the security efforts as needed. I’ve also added
> > some small comments in the mentioned merge request.
> > 
> > 
> > 
> > Regards,
> > 
> > Andrei
> > 
> > 
> > 
> > *From:* oniro-wg [mailto:oniro-wg-bounces@xxxxxxxxxxx] *On Behalf Of
> > *Marta
> > Rybczynska
> > *Sent:* 03 November 2022 09:38
> > *To:* onirocore developer discussions <oniro-dev@xxxxxxxxxxx>; Oniro
> > Working Group <oniro-wg@xxxxxxxxxxx>;
> > mikael.barbero@xxxxxxxxxxxxxxxxxxxxxx
> > *Subject:* [oniro-wg] Oniro security process update
> > 
> > 
> > 
> > Dear all,
> > 
> > With the setup of the private bugtracker, there are some updates to make
> > in our security processes. Here is the related merge request:
> > 
> > https://gitlab.eclipse.org/eclipse/oniro-core/docs/-/merge_requests/34
> > 
> > 
> > 
> > This is also a good moment to set up the security team. When we've made a
> > call for volunteers some time ago, we had: Pavel Z, Nat, Bero and me. WIth
> > the changes in the project it makes sense in my opinion to launch another
> > call. Who would like to take part in the security team?
> > 
> > 
> > 
> > Please note that we have decided to have at least two people.
> > 
> > 
> > 
> > Kind regards,
> > 
> > Marta
> > _______________________________________________
> > oniro-dev mailing list
> > oniro-dev@xxxxxxxxxxx
> > To unsubscribe from this list, visit https://accounts.eclipse.org

Best Regards
-- 
Agustin Benito Bethencourt
Oniro Program Manager | Eclipse Foundation
Eclipse Foundation: The Community for Open Innovation and Collaboration

Back to the top