I would suggest we add access for all the maintainers of the project and anyone on the governance committees (example TSCs). Do you maintain a maintainers.md file or better for us to just scan the

thanks, how do I share these with the flux maintainers and community

Yes, please. To your general point -- I have a view that if Snyk (or similar) offers a free scanning service to CNCF projects, then the community should benefit. These are completely standard

Jim, We are looking into, let me get back to you with an update. Regards, Vasu --- Sr. Director, Head Of Engineering Cell: 1.408.420.0404 Slack:@Vasu From:St Leger, Jim

That depends on your viewpoint, the maintainers ideally should make that call per project based on whatever security process they have in place for the project. You can have a view that maintainers

I see. Well, I'm not. This info should be open to all, without any barriers whatsoever

I think what Chris means is that if you are already scanning with Snyk, then you won't see anything different in the LFX feed.

Apologies - will miss TOC liaison discussion today. No electricity or water in my area. No/limited cellular. Hoping this message catches a signal before tomorrow’s call. -Lee

+ Pranab and Vasu (product/eng leads on LFX I believe.) Jim

Thanks Chris It would be great if this data was readily accessible. I don't think packing into GH actions provides that, however useful it may be for other purposes

I'll follow up Alexis on the ticket but it's just white labeled https://snyk.io If you are already using, say Snyk via github action (https://github.com/snyk/actions/tree/master/golang) you won't see

Hi all Has anyone looked at this? https://security.lfx.linuxfoundation.org/#/ How do we see project data? I wanted to take a look at flux. I had to create a login. Then, I had to "request" a view,

Hi all, We'll be meeting tomorrow at 8am Pacific. We'll have a short discussion about TOC liaisons with the SIGs, and then have an open floor for discussion. Presentation:

Hi Liz, Michelle, all, Stefan and Daniel have responded on individual points. I'll attempt to fill in the remainder -- The discussion in https://github.com/fluxcd/flux2/discussions/620 may run for a

Hi Liz, We've updated the Flagger logo on the docs website including all diagrams. The description now states that Flagger is part of the Flux family. Please let us know if there is something else we

Hello everybody, In argoproj/gitops-engine#126 I updated the FAQ to reflect the current situation, but didn't want to update the rest of FAQ as I didn't want to speak for the Argo project. I just

Thanks Michelle, and everyone involved in putting this DD together! I have a few questions so I have copied in the Flux maintainers list too. I see the note that Flux is working on a broader project

Hello, Flux is applying for incubation status: PR: https://github.com/cncf/toc/pull/567 DD:

Congratulations and thank yous for old and new TOC members. This set of people a solid choice, indeed. On a janitorial level, I think it would be great if company affiliations could be listed

Big congrats to all the new TOC members. Looking forward to working with you all. And thank you Brendan, Matt, and Xiang for all your hard work!