We need more people for the security triage
Are there any other volunteers in the @nodejs/tsc?
Current ones are:
@vdeturckheim @RafaelGSS @mcollina / myself
If the triager does not need to be a collaborator/TSC I can vouch for @Aditi-1400 who's interested in volunteering. She might need some initial guidance but I can vouch for her professionalism and accountability as her coworker. Not exactly security but she’s also been helping out with some crypto features among many other things: https://github.com/nodejs/node/issues?q=author:Aditi-1400
I can volunteer also as security releaser
If the triager does not need to be a collaborator/TSC
As far as I know, we expect the volunteer to be at least a collaborator on the project (as evaluating the reports requires an understanding of Node.js internals). However, the volunteer doesn't need to be a TSC member.
As soon as @Aditi-1400 is comfortable with the project internals and fine to be nominated as a core collaborator, I'm +1.
Triage means reviewing incoming h1 reports? I used to do that but I don't get them anymore due to (I assume) some kind of reshuffle.
Do you want access? Very happy to add you back!
I can't in all honesty say I really missed it (lots of drivel) but sure, let's give it a go.
@mcollina did you add me? I still can't seem to access any h1 reports.
@bnoordhuis I have just sent the invite to [email protected].
Received and accepted, thanks!