Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Security Working Group #1348

Merged
merged 1 commit into from
Mar 15, 2023
Merged

Update Security Working Group #1348

merged 1 commit into from
Mar 15, 2023

Conversation

fraxken
Copy link
Member

@fraxken fraxken commented Mar 4, 2023

Hello 👋

Updating the WORKING_GROUPS.md file following recommandation of @mhdawson in the following issue: nodejs/security-wg#874

I've made the same changes:

  • remove reference to legacy nsp (Node Security Project) which was acquired by npm inc. (which was then acquired by GitHub)
  • remove "ecosystem" prefix for the WG as this has been promoted & is canonically known as Node.js's "Security WG"

Trott
Trott reviewed Mar 4, 2023
View reviewed changes
WORKING_GROUPS.md Outdated Show resolved Hide resolved
@Trott
Copy link
Member

Trott commented Mar 4, 2023
edited
Loading

If I'm not mistaken, the name and the responsibilities come from the working group's charter and can only be changed by the TSC. However, consensus should be sufficient for such a change. @nodejs/tsc

@Trott
Copy link
Member

Trott commented Mar 4, 2023

When this working group was initially chartered, it was proposed to name it "Security working group" but people (including me) were concerned that they would start receiving vulnerability reports about Node.js from well-meaning researchers and other community members. Is that still a concern of TSC members?

@Trott
Copy link
Member

Trott commented Mar 4, 2023

I'm putting this on the TSC agenda to maximize TSC input. Consensus should be enough for this--it shouldn't require a vote unless there are one or more TSC members opposed (and one or more in favor).

@mhdawson mhdawson mentioned this pull request Mar 6, 2023
Closed
@fraxken fraxken force-pushed the update-security-wg branch from 5ad80f9 to f37ae3d Compare March 6, 2023 19:17
mcollina
mcollina approved these changes Mar 8, 2023
View reviewed changes
Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@mhdawson mhdawson mentioned this pull request Mar 13, 2023
Closed
mhdawson
mhdawson reviewed Mar 15, 2023
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

mhdawson
mhdawson approved these changes Mar 15, 2023
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Trott Trott merged commit ea020c4 into nodejs:main Mar 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Trott Trott Trott left review comments

@RaisinTen RaisinTen RaisinTen approved these changes

@RafaelGSS RafaelGSS RafaelGSS approved these changes

@mhdawson mhdawson mhdawson approved these changes

@legendecas legendecas legendecas approved these changes

@BethGriggs BethGriggs BethGriggs approved these changes

@gireeshpunathil gireeshpunathil gireeshpunathil approved these changes

@danielleadams danielleadams danielleadams approved these changes

@cjihrig cjihrig cjihrig approved these changes

@targos targos targos approved these changes

@mcollina mcollina mcollina approved these changes

Assignees
No one assigned
Labels
tsc-agenda
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.