Security contacts for kube-controller-manager not specified or out of date #92096
Labels
area/security
committee/security-response
Denotes an issue or PR intended to be handled by the product security committee.
kind/cleanup
Categorizes issue or PR as related to cleaning up code, process, or technical debt.
lifecycle/frozen
Indicates that an issue or PR should not be auto-closed due to staleness.
priority/important-soon
Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
The purpose of the
SECURITY_CONTACTS
file for each Kubernetes repository is to provide a list of people who can assist the Kubernetes Product Security Committe in the event that a security issue related to the repository is discovered or disclosed. As described in the file, those on the list should agree to our Embargo Policy.Please update the
/staging/src/k8s.io/kube-controller-manager/SECURITY_CONTACTS
file for the kube-controller-manager repository. After finding people who are willing to work in this capacity, you should add them to the list, then remove PSC members (except any PSC member will be working as a security contact for this repository). The list is GitHub usernames, optionally followed by an email address. If no email address is listed, the PSC will use the email address found on git commits made by the listed user.The file may already have people listed who are secuirty contacts. In that case, simply remove any PSC members who aren't also security contacts for the repo.
See kubernetes/committee-security-response#92 for more information
/area security
/committee product-security
/kind cleanup
/lifecycle frozen
/priority important-soon
The text was updated successfully, but these errors were encountered: