Based on openjs-foundation/cross-project-council#326 we are looking for a volunteer to write the first version of the security reporting guidelines, following the https://github.com/openjs-foundation/cross-project-council/blob/master/STAGING_PROCESS.md to make the proposal.
Ideally the work would be:
- review the reporting procedures (or gap) for existing member projects
- Propose a first draft of guidelines that would apply for member projects. It might be different based on level of project (For example may be required for Impact project, optional for add-hoc)
- Consider and recommend whether the OpenJS foundation should offer support in satisfying the guidelines
Based on openjs-foundation/cross-project-council#326 we are looking for a volunteer to write the first version of the security reporting guidelines, following the https://github.com/openjs-foundation/cross-project-council/blob/master/STAGING_PROCESS.md to make the proposal.
Ideally the work would be: