The CNCF Security TAG put together an excellent resource: https://github.com/cncf/tag-security/tree/master/supply-chain-security https://www.cncf.io/blog/2021/05/14/evaluating-your-supply-chain-securi

Hello everyone, Argo project is applying for graduation status: PR: https://github.com/cncf/toc/pull/604 DD: https://docs.google.com/document/d/1R4WjMG9s9JX8onZvOzEFSjBBFAInurN8tSiAFLqj-FE/edit#headin

I hope everyone had an amazing KubeCon + CloudNativeCon! Due to the recent re-licensing of a couple popular permissive projects to AGPL, the CNCF has posted guidance for projects that may be affected:

CNCF, Join OpsCruise partner and one of the leading global digital enablement system integration firms, Visionet, in a panel discussion on Unraveling Container Visibility. Visionet has helped hundreds

The proposal to rename Special Interest Groups to Technical Advisory Groups (https://github.com/cncf/toc/issues/549) has been approved. 8/11 +1 Binding: Liz Rice: https://github.com/cncf/toc/issues/54

The TOC met today to review the applications for projects wishing to be included as sandbox projects. The next scheduled meeting for sandbox inclusion review is June 22nd, 2021. Vineyard - passes with

The proposal to streamline the incubation process has been approved. (https://github.com/cncf/toc/pull/640) 8/11 +1 Binding: Davanum Srinivas https://lists.cncf.io/g/cncf-toc/message/5809 Alena Prokha

All -- After several rounds of thoughtful discussion and review, the proposal to change the Kubernetes release cadence (to three releases/year) has been approved! Thank you to everyone who had a hand

A proposal has been made to streamline the incubation process: https://github.com/cncf/toc/pull/640 Please vote (+1/0/-1) by replying to this thread. Remember that the TOC has binding votes only, but

+1

Hi all, We'll be meeting tomorrow at 8am Pacific. Tomorrow's discussion is on some updates to the incubating process. (https://github.com/cncf/toc/pull/640 has details.) Agenda: https://docs.google.co

🙏 Thanks to SIG Security for this advice on Codecov @chris @amye you’re probably already on top of this, but please could we make sure the relevant project maintainers are aware and acting on this? Pe

The Emissary-ingress project has been approved for incubation. https://lists.cncf.io/g/cncf-toc/message/5715 9/11 -- passes +1 B Liz Rice: https://lists.cncf.io/g/cncf-toc/message/5744 Justin Cormack:

FYI ---------- Forwarded message --------- From: Emily Fox <themoxiefoxatwork@...> Date: Fri, Apr 9, 2021 at 11:20 AM Subject: [cncf-sig-security] Supply Chain Security Paper Open for public comment T

Hi all, We'll be meeting tomorrow at 8am Pacific. Agenda: https://docs.google.com/document/d/1jpoKT12jf2jTf-2EJSAl4iTdA7Aoj_uiI19qIaECNFc/edit Presentation: https://docs.google.com/presentation/u/2/d/

Greetings, I wanted to send an email to notify that Brigade's 2021 Annual review has been posted. It can be seen via the following pull request: https://github.com/cncf/toc/pull/631 Brigade-2021-Annua

The TOC met today to review the applications for projects wishing to be included as sandbox projects. We weren't able to make it through all of the applications, we'll hold a second review meeting on

The emissary-ingress project (formerly known as Ambassador) has applied for incubation. https://github.com/cncf/toc/pull/435 The due diligence document is here: https://docs.google.com/document/d/1bJh

The proposed Tech Leads for SIG Storage have been approved. https://lists.cncf.io/g/cncf-toc/message/5718 8/11 - passes +1 Binding: Liz Rice: https://lists.cncf.io/g/cncf-toc/message/5722 Justin Corma

Hi all Has anyone looked at this? https://security.lfx.linuxfoundation.org/#/ How do we see project data? I wanted to take a look at flux. I had to create a login. Then, I had to "request" a view, whi