Added paragraph to elaborate how/when to retire Project Security Team members
@@ -279,6 +279,8 @@ Members of the Project Security team are voted in by all Committers using the sa
The Project Security Team must consist of at least two persons; at least one of them must be a Committer on the Project. The Project is free to elect non-Committers to the Project Security Team, when they have related security experience. Project Security Team members are required to sign the appropriate Committer legal agreements established by the EMO.
There are times when the Project Security Team may become inactive for various reasons. The security of the project relies on active members who respond to vulnerability reports in a timely manner. The Project Leads are responsible for ensuring the smooth operation of the project. A Project Security Team member who is disruptive, does not participate actively, or has been inactive for an extended period may be removed from the Project Security Team by the unanimous consent of the Project Leads. Unless otherwise specified, "an extended period" is defined as "no activity for more than six months".
The members of Project Security Team must keep strict confidentiality of issues before they are resolved and released publicly. For resolution of a particular issue, they might bring in additional Committers or Contributors, or additional domain experts. Those contributors must adhere to the same confidentiality guidelines.
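Review bot: the new paragraph allows removal by unanimous consent of the Project Leads but does not say what happens when that removal would leave the team below the minimum set in the preceding paragraph ("at least two persons; at least one of them must be a Committer"). Suggest adding a sentence that a removal which would breach that minimum must be accompanied by electing a replacement under the same voting rule, so the team never lacks someone able to respond to vulnerability reports. Two smaller points: "no activity" is undefined (responding to reports, participating in resolution, or both), and "Unless otherwise specified" should state where the Project may specify a different period (e.g. in its project documentation), otherwise the six-month default cannot be reliably applied.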