Slack |
---|
The Slack channel above is public. Please use our email for reporting security vulnerabilities. |
We help triage security issues and continuously improve the Open edX project’s security posture. We:
Send security issues to the right maintainer.
Tell the maintainer how important the security issue is using CVSS.
Follow up with maintainers to ensure that vulnerabilities have been patched.
See Join us.
Person | Organization |
---|---|
Feanil Patel, Chair | tCRIL |
2U | |
eduNext |
Person | Organization | Expertise |
---|---|---|
Prefer async coordination with a synchronous meeting every 2 weeks.
Ad-hoc meeting for specific decision making encouraged.
2 week triage rotation to respond to incoming reports.
For task tracking:
General: wg-security GitHub Issues.
Repository-specific: a GitHub Issue or GitHub Security Advisory in that repo.
#wg-security in Slack
Security Announcements in Discourse
https://github.com/orgs/openedx/projects/45/views/1 in GitHub Issues