Re: security & CNCF projects

Stephen Augustus

As I understand it, holds the aggregate maintainers for CNCF project.

-- Stephen

On Tue, Feb 16, 2021 at 12:46 PM Shubhra Kar <skar@...> wrote:
I would suggest we add access for all the maintainers of the project and anyone on the governance committees (example TSCs).

Do you maintain a file or better for us to just scan the repos and find the contributors ?

Kind Regards,

Shubhra Kar
CTO and GM of Products and IT
tweet: @shubhrakar

On Tue, Feb 16, 2021 at 9:10 AM Alexis Richardson <alexis@...> wrote:
thanks, how do I share these with the flux maintainers and community

On Tue, Feb 16, 2021 at 4:59 PM Vasu Naidu <vnaidu@...> wrote:

Hi Alexis,


You should have access to the security reports of the flux project. Please let me know if you have any questions.





From: St Leger, Jim <>
Date: Tuesday, February 16, 2021 at 7:06 AM
To: Chris Aniszczyk <caniszczyk@...>, alexis richardson <alexis@...>, Pranab Bajpai (pbajpai@...) <pbajpai@...>, Vasu Naidu (vnaidu@...) <vnaidu@...>
Cc: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: RE: [cncf-toc] security & CNCF projects

+ Pranab and Vasu (product/eng leads on LFX I believe.)




From: cncf-toc@... <cncf-toc@...> On Behalf Of Chris Aniszczyk
Sent: Tuesday, February 16, 2021 7:13 AM
To: alexis richardson <alexis@...>
Cc: Alexis Richardson via cncf-toc <cncf-toc@...>
Subject: Re: [cncf-toc] security & CNCF projects


I'll follow up Alexis on the ticket but it's just white labeled 


If you are already using, say Snyk via github action ( you won't see anything new (which is available for open source projects).


On Tue, Feb 16, 2021 at 3:54 AM alexis richardson <alexis@...> wrote:

Hi all


Has anyone looked at this? 


How do we see project data?  I wanted to take a look at flux.  I had to create a login.  Then, I had to "request" a view, which turned out to mean filing a JIRA ticket.  Since then, tumbleweed.


Can we have something more open & useful please?







Chris Aniszczyk (@cra)

Join to automatically receive all group messages.