Merge pull request #721 from minrk/doc-security-role

add Security team
jupyterhub · May 15, 2024 · 5c9d564 · 5c9d564
2 parents f596783 + ad86f4a
commit 5c9d564
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 1 deletion.
diff --git a/docs/_data/contributors/contributor_key.csv b/docs/_data/contributors/contributor_key.csv
@@ -20,4 +20,5 @@ test,⚠️,"Tests"
 tool,🔧,"Tools"
 translation,🌍,"Translation"
 tutorial,✅,"Tutorials"
-video,📹,"Videos"
+security,🔐,"Security"
+video,📹,"Videos"
diff --git a/docs/_data/contributors/contributors-jupyterhub.yaml b/docs/_data/contributors/contributors-jupyterhub.yaml
@@ -152,3 +152,23 @@
   focus: binder
   status: inactive
   last-check-in: 2022-09
+
+- name: Rick Wagner
+  handle: "rpwagner"
+  affiliation: Jupyter Security
+  contributions: security
+  focus: Security
+  status: active
+  teams:
+    - security
+  last-check-in: 2024-05
+
+- name: David Qiu
+  handle: "dlqqq"
+  affiliation: AWS
+  contributions: security
+  focus: Security
+  status: active
+  teams:
+    - security
+  last-check-in: 2024-05
diff --git a/docs/team/structure.md b/docs/team/structure.md
@@ -174,6 +174,33 @@ Any team member of this team may be added by any other team member, following a
 
 There is no limit to the number of mybinder.org operations team members.
 
+```{team} Security Team
+```
+
+### Security Team
+
+The Security team is primarily an interface to the [Jupyter Security subproject](https://github.com/jupyter/security).
+The Security team contributes to managing security advisories across JupyterHub repositories.
+
+Members of the Security team are members of the jupyterhub/security team, and have the Security Manager Role on GitHub.
+
+#### Expectations and responsibilities
+
+The Security team supports maintainers in the security of JupyterHub repositories.
+Creating and releasing security fixes is primarily the responsibility of **maintainers**,
+while the Security team helps the advisory process in terms of reporting, disclosure, and understanding security issues, and helping JupyterHub maintain a secure development process.
+
+#### How to join
+
+Security team membership is managed jointly by JupyterHub and the Jupyter Security subproject.
+The Jupyter Security council may appoint members to the JupyterHub security team and is responsible for keeping their membership list updated.
+Additionally, contributors may request their addition via [issues in our Team Compass](https://github.com/jupyterhub/team-compass), or via private communications channels.
+If there are no objections to adding a new security team member, add them to [our list of security members](./index).
+
+#### Team size
+
+There is no limit to the number of Security team members.
+
 ```{team} Team Lead
 ```