Skip to content

Update Overview Community Management Guide.mdx#513

Merged
mattaereal merged 23 commits into
security-alliance:developfrom
NFTDreww:fw_community_mgmt
Jul 8, 2026
Merged

Update Overview Community Management Guide.mdx#513
mattaereal merged 23 commits into
security-alliance:developfrom
NFTDreww:fw_community_mgmt

Conversation

@NFTDreww

@NFTDreww NFTDreww commented Jun 2, 2026

Copy link
Copy Markdown
Collaborator

I have updated the overall update overview to be more inline with the feedback given over the past few weeks, which were:

  1. Reframe the intro as a wayfinding statement. Instead of opening with a content summary, open with a one- or two-sentence orientation about what community security covers and where to go. Something like: "Community Management security spans several disciplines — each with its own dedicated Framework. Use this page to find the right one."

  2. Convert the best practices section into a visual index. Each of the four sections (2FA/passwords, phishing, OpSec, emergency response) already has a corresponding Framework, so we can turn them into explicit cards or a linked table with the topic, a single descriptive sentence, and the link. This keeps the content without making it feel like a dead end.

  3. Cut the inline detail that lives somewhere else. For example, TOTP configuration advice, the password manager separation rule, and the DM-first policy all belong in the destination frameworks, not here. Keeping it here creates both a maintenance burden for your team and dilutes the "go there for more" message.

------------------------------------------------------------------------ Therefore I was able to make the community manage guides more of the why, what, and how/where? Explaining this information and then leading into the actual frameworks for each that ALL needs to be taken into consideration when talking about community management and it's subsequent guides/frameworks.

This included a complete reformat of this page, that I think addresses all feedback and has a cleaner flow to providing the north star for this section.

Frameworks PR Checklist

Thank you for contributing to the Security Frameworks! Before you open a PR, make sure to read information for contributors and take a look at the following checklist:

  • Describe your changes, substitute this text with the information
  • If you are touching an existing piece of content, tag current contributors from the attribution list
  • If there is a steward for that framework, ask the steward to review it
  • If you're modifying the general outline, make sure to update it in the vocs.config.ts adding the dev: true parameter
  • If you need feedback for your content from the wider community, share the PR in our Discord
  • Review changes to ensure there are no typos; see instructions below.

NFTDreww added 3 commits June 2, 2026 10:28
I have updated the overall update overview to be more inline with the feedback given over the past few weeks, which were:

1) Reframe the intro as a wayfinding statement. Instead of opening with a content summary, open with a one- or two-sentence orientation about what community security covers and where to go. Something like: "Community Management security spans several disciplines — each with its own dedicated Framework. Use this page to find the right one."

2) Convert the best practices section into a visual index. Each of the four sections (2FA/passwords, phishing, OpSec, emergency response) already has a corresponding Framework, so we can turn them into explicit cards or a linked table with the topic, a single descriptive sentence, and the link. This keeps the content without making it feel like a dead end.

3) Cut the inline detail that lives somewhere else. For example, TOTP configuration advice, the password manager separation rule, and the DM-first policy all belong in the destination frameworks, not here. Keeping it here creates both a maintenance burden for your team and dilutes the "go there for more" message.

------------------------------------------------------------------------
Therefore I was able to make the community manage guides more of the why, what, and how/where? Explaining this information and then leading into the actual frameworks for each that ALL needs to be taken into consideration when talking about community management and it's subsequent guides/frameworks.

This included a complete reformat of this page, that I think addresses all feedback and has a cleaner flow to providing the north star for this section.
I have updated the overall update overview to be more inline with the feedback given over the past few weeks, which were:

Reframe the intro as a wayfinding statement. Instead of opening with a content summary, open with a one- or two-sentence orientation about what community security covers and where to go. Something like: "Community Management security spans several disciplines — each with its own dedicated Framework. Use this page to find the right one."

Convert the best practices section into a visual index. Each of the four sections (2FA/passwords, phishing, OpSec, emergency response) already has a corresponding Framework, so we can turn them into explicit cards or a linked table with the topic, a single descriptive sentence, and the link. This keeps the content without making it feel like a dead end.

Cut the inline detail that lives somewhere else. For example, TOTP configuration advice, the password manager separation rule, and the DM-first policy all belong in the destination frameworks, not here. Keeping it here creates both a maintenance burden for your team and dilutes the "go there for more" message.

------------------------------------------------------------------------ Therefore I was able to make the community manage guides more of the why, what, and how/where? Explaining this information and then leading into the actual frameworks for each that ALL needs to be taken into consideration when talking about community management and it's subsequent guides/frameworks.

This included a complete reformat of this page, that I think addresses all feedback and has a cleaner flow to providing the north star for this section.
I have updated the overall update overview to be more inline with the feedback given over the past few weeks, which were:

Reframe the intro as a wayfinding statement. Instead of opening with a content summary, open with a one- or two-sentence orientation about what community security covers and where to go. Something like: "Community Management security spans several disciplines — each with its own dedicated Framework. Use this page to find the right one."

Convert the best practices section into a visual index. Each of the four sections (2FA/passwords, phishing, OpSec, emergency response) already has a corresponding Framework, so we can turn them into explicit cards or a linked table with the topic, a single descriptive sentence, and the link. This keeps the content without making it feel like a dead end.

Cut the inline detail that lives somewhere else. For example, TOTP configuration advice, the password manager separation rule, and the DM-first policy all belong in the destination frameworks, not here. Keeping it here creates both a maintenance burden for your team and dilutes the "go there for more" message.

------------------------------------------------------------------------ Therefore I was able to make the community manage guides more of the why, what, and how/where? Explaining this information and then leading into the actual frameworks for each that ALL needs to be taken into consideration when talking about community management and it's subsequent guides/frameworks.

This included a complete reformat of this page, that I think addresses all feedback and has a cleaner flow to providing the north star for this section.
@NFTDreww NFTDreww changed the title Update overview.mdx Update Overview Community Management Guide.mdx Jun 2, 2026
@mattaereal mattaereal marked this pull request as ready for review June 29, 2026 14:49
@github-actions

github-actions Bot commented Jun 29, 2026

Copy link
Copy Markdown
built with Refined Cloudflare Pages Action

⚡ Cloudflare Pages Deployment

Name Status Preview Last Commit
frameworks ✅ Ready (View Log) Visit Preview 3664728

@scode2277 scode2277 left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added some one-click apply needed updates for the build to pass.

Comment thread docs/pages/community-management/discord.mdx Outdated
Comment thread docs/pages/community-management/discord.mdx Outdated
Comment thread docs/pages/community-management/overview.mdx Outdated
Comment thread docs/pages/community-management/overview.mdx Outdated
Comment thread docs/pages/community-management/telegram.mdx Outdated
Comment thread docs/pages/community-management/discord.mdx Outdated
Comment thread docs/pages/community-management/overview.mdx Outdated
Comment thread docs/pages/community-management/telegram.mdx Outdated
Comment thread docs/pages/community-management/telegram.mdx
Comment thread docs/pages/community-management/telegram.mdx Outdated
Comment thread docs/pages/community-management/overview.mdx Outdated
@scode2277

Copy link
Copy Markdown
Collaborator

I've applied all the needed changes for the build to run as well as updated all the links to be relative instead of absolute and resolved merging conflicts.

This is now ready to review @mattaereal

@scode2277 scode2277 added the content:add This issue or PR adds content or suggests to label Jul 6, 2026
NFTDreww added a commit to NFTDreww/frameworks that referenced this pull request Jul 7, 2026
Adjusted to fixes called out in security-alliance#513  to flesh with security-alliance#514
@NFTDreww NFTDreww mentioned this pull request Jul 7, 2026
9 tasks
Updating fixed to this to address call outs from security-alliance#513 & security-alliance#514
@NFTDreww NFTDreww mentioned this pull request Jul 7, 2026
9 tasks
NFTDreww added a commit to NFTDreww/frameworks that referenced this pull request Jul 7, 2026
Updating Twitter to address call outs in security-alliance#513 and security-alliance#514
@NFTDreww NFTDreww mentioned this pull request Jul 7, 2026
9 tasks
@scode2277

Copy link
Copy Markdown
Collaborator

After talking with @NFTDreww, we realized this PR is the one with all the content he is contributing in the right format and structure.

I've closed #514, #547 and #548 as they had duplicated content. This is ready to go @mattaereal!

@frameworks-volunteer frameworks-volunteer left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Model: z-ai/glm-5.2 Reasoning: medium Provider: openrouter

Review Summary

Security and QA review complete. Approving.

Security Review

  • No hardcoded secrets, tokens, or API keys
  • No XSS/injection vectors (MDX content only, no dangerouslySetInnerHTML, eval, or inline scripts)
  • No unsafe deserialization or dynamic imports
  • All links are internal relative paths to existing framework pages — no external/unknown URLs
  • No sensitive data exposure

QA Review

  • All CI checks pass (build preview, lint, socket security, sidebar-reminder)
  • Contributor nftdreww is registered in contributors.json — frontmatter attribution is valid
  • Internal links verified: all anchors (#cold-admin-setup, #safety-setup, #automod, #anti-impersonation-bots, #member-screening-setup, #account-security-checklist, #admin-permissions-management, #best-practices-for-safe-use, #1-email-security, #best-practices--additional-tips) resolve to existing headings in the destination guides
  • Cross-framework links (/opsec/overview, /awareness/overview, /incident-management/overview) point to existing pages
  • No leftover debug content, TODO markers, or placeholder text
  • Content restructuring aligns with repo conventions (tables, topic indexes, descriptive links)
  • scode2277's prior review feedback (relative links, AttributionList import, removing manual ContributeFooter) has been addressed in subsequent commits

Minor Note (non-blocking)

  • overview.mdx contributor frontmatter lists ghadi8 as reviewer — this predates the PR and is unchanged. No action needed for this PR.

No blocking issues. Ready to merge.

@mattaereal mattaereal merged commit a158fbb into security-alliance:develop Jul 8, 2026
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

content:add This issue or PR adds content or suggests to

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants