-
Notifications
You must be signed in to change notification settings - Fork 507
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Security Review] Dragonfly #1327
Comments
@gaius-qi Okay, can you edit the info above to mention who from the dragonfly side will be the "Project Security Lead"? Please also link to the self assessment as the "Project lead provides draft document"? |
I am willing to be a security reviewer for this project. I have read the security reviewer guidelines (in the past, before their link was broken... 😦 ), and have no conflicts. |
Hey @JustinCappos, I would like to volunteer with the security review (depending on eligibility). @gaius-qi, The "security reviewer guidelines" link and the "outline" links are not working in your initial comment. I would love to go through those. Disclosure: I have not done a CNCF project security review before. However, I am working in the security domain and have done threat modeling, security review of other projects outside of CNCF. |
Super, adding you. Would you kindly read this document and comment if you have any conflicts of interest? https://github.com/cncf/tag-security/blob/main/community/assessments/guide/security-reviewer.md (I'll try to get the link fixed.) |
I have read the security reviewer guidelines, and have no conflicts. |
Happy to volunteer. Have read the Security Reviewer Guidelines and have no conflicts. |
@JustinCappos Hey! I have edited the issue to add the "Project Security Lead". Is this PR a "Project lead provides draft document"? Do you need me to provide other content? 😊 Thanks @nyrahul @krishnakv |
@gaius-qi Are you also going to be the Dragonfly POC throughout the joint review? |
I'd be happy to be a security reviewer for this project. I have read the security reviewer guidelines and don't have any hard or soft conflicts. |
Sure |
I am willing to be a reviewer |
I'm willing to be the lead reviewer on this. I have no hard or soft conflicts. |
Okay, great! And away we go! @mnm678 you're all set to kick this off with the naive questions phase... |
@gaius-qi Could you create a draft joint assessment for us to iterate on? Most of the content will be similar to the self assessment that you linked. Maybe in Google docs or similar format for now to allow for comments and discussion. |
@gaius-qi , Gentle reminder. |
pinging again on this... Just want to make sure we're no dropping this issue... |
@nyrahul @JustinCappos I'm sorry sir, I'm very busy with work recently. I will provide a draft joint assessment before September 28th. 🙏🙏🙏 |
@mnm678 @nyrahul @JustinCappos Hey, I have finished a draft jonit assessment. |
Project Name: Dragonfly
Github URL: https://github.com/dragonflyoss/Dragonfly2
Project Security Lead: Wenbo Qi(Gaius)
CNCF project stage and issue (NA if not applicable): Incubation, applying for graduation.
Security Provider: no
The text was updated successfully, but these errors were encountered: