On 12/05/16 18:21 -0400, Nikhil Komawar wrote:
On 5/12/16 6:19 PM, Nikhil Komawar wrote:
On 5/12/16 6:04 PM, Flavio Percoco wrote:
On 12/05/16 17:38 -0400, Nikhil Komawar wrote:
Comments, alternate proposal inline.
On 5/12/16 8:35 AM, Jeremy Stanley wrote:
On 2016-05-11 23:39:58 -0400 (-0400), Nikhil Komawar wrote:
I would like to propose adding add Brian to the team.
[...]
I'm thrilled to see Glance adding more security-minded
reviewers for
embargoed vulnerability reports! One thing to keep in mind
though is
that you need to keep the list of people with access to these
relatively small; I see
https://launchpad.net/~glance-coresec/+members has five members
now.
Thanks for raising this. Yes, we are worried about it too. But as
you
bring it up, it becomes even more important. A lot of Glancers time
share with other projects and lack bandwidth to contribute fully to
this
responsibility. Currently, I do not know if anyone can be rotated
out as
we have had pretty good input from all the folks there.
While the size I picked in item #2 at
<URL: https://governance.openstack.org/reference/tags/
vulnerability_managed.html#requirements >
is not meant to be a strict limit, you may still want to take
this
as an opportunity to rotate out some of your less-active
reviewers
(if there are any).
Thanks for not being strict on it.
I do however, want to make another proposal:
Since Stuart is our VMT liaison and he's on hiatus, can we add
Brian as
his substitute. As soon as Stuart is back and is ready to shoulder
this
responsibility we should do the rotation.
Please vote +1, 0, -1.
I will consider final votes by Thur May 19 2100 UTC.
Can we ask Stuart if he's ok with us removing him from the coresec
team? I think
he won't have time for it and it'd be irresponsible from us to send VMT
bugs to
him at this point.
I just realized we both meant the same thing, my description wasn't too clear
though on what I meant as rotation.
Ah-ha! Gotcha! then +1 from me too :)
Confirmation enqueue. Cheers, Flavio__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev -- Thanks, Nikhil -- Thanks, Nikhil
-- @flaper87 Flavio Percoco
signature.asc
Description: PGP signature
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
