13acc859f7
* doc: initial document for GHSA triage and publish * fix: lint |
||
|---|---|---|
| .. | ||
| meeting-notes | ||
| README.md | ||
| ghsa-triage-process.md | ||
| membership-and-notifications.md | ||
README.md
Security WG
Proactively ensures the Security of Electron as a project, responds to incoming incidents, and oversees rollout of fixes.
Membership
| Avatar | Name | Role | Time Zone |
|---|---|---|---|
 |
Samuel Attard @MarshallOfSound | Chair | PST (Vancouver) |
 |
Jeremy Rose @nornagon | Member | PST (San Francisco) |
 |
Deepak Mohan @deepak1556 | Member | JST (Nagano) |
 |
Milan Burda @miniak | Member | CET (Prague) |
 |
Pedro Pontes @ppontes | Member | CET (Prague) |
 |
Keeley Hammond @VerteDinde | Member | PST |
 |
Shelley Vohr @codebytere | Member | CET (Berlin) |
Emeritus Members
Emeritus Members
| Avatar | Name | Role | Time Zone |
|---|---|---|---|
 |
Cheng Zhao @zcbenz | Member | JST (Nagoya) |
Areas of Responsibility
- The reporting address: security@electronjs.org
- Coordinating fixes and disclosures of vulnerabilities
- Security of Electron as a project
- Build infrastructure
- Release tooling
- Credential management
- Proactive measures
- Fuzz testing
- Pen testing
- Security review of parts of the codebase
- Security sign-off on IPC and certain API related changes
Associated Repositories
All repositories in the electron organization along with exclusive access
to electron/security.
Rules for Membership
See Membership and Notifications
WG Removal Policy
If a sitting member of the WG has not been active in a meaningful way for at least one month, the WG may vote to remove them from its set of sitting members.
This is done primarily to ensure that there are no open avenues of compromise for the project given that the Security WG confers notable permissions.
Meeting Schedule
- Sync Meeting 1hr Weekly @ Wednesday 9:30AM PT
Meeting notes may be viewed in meeting-notes as they become available.