tag-security icon indicating copy to clipboard operation
tag-security copied to clipboard

Published 20 hours ago verified publisher icon cncf

[Security Review] Dragonfly

Open gaius-qi opened this issue 1 year ago • 29 comments
trafficstars

Project Name: Dragonfly

Github URL: https://github.com/dragonflyoss/Dragonfly2

Project Security Lead: Wenbo Qi(Gaius)

CNCF project stage and issue (NA if not applicable): Incubation, applying for graduation.

Security Provider: no

  • [x] Identify team
    • [x] Project security lead @gaius-qi
    • [x] Lead security reviewer: @mnm678
    • [x] 1 or more additional reviewer(s) @JustinCappos @nyrahul @mrcdb @hubbertsmith
    • [x] Every reviewer has read security reviewer guidelines and stated declaration of conflict
    • [x] Sign off by facilitator on reviewer conflicts
  • [X] Create slack channel (#sec-assessment-dragonfly)
  • [X] Project lead provides draft document
  • [ ] "Naive question phase" Lead Security Reviewer asks clarifying questions
  • [ ] Assign issue to security reviewers
  • [ ] Initial review
  • [ ] Presentation & discussion
  • [ ] Share draft findings with project
  • [ ] Assessment summary and doc checked into /assessments/projects/project-name (require at least 1 co-chair approval)
  • [ ] CNCF TOC presentation (if requested by TOC)

gaius-qi avatar Jul 19 '24 02:07 gaius-qi