-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Catena-X Security Group (READ ONLY) #46
Comments
ping @netomi: Could you maybe have a look at this and clarify, if the EF would do something like that? |
we could create a separate team for the organization for all security team members and add that team as security managers for the organization. For some projects we added all committers as security managers, but that would not work for tractusx but the separate team that is anyway responsible for that would make sense. |
yeah, creating and updating the team should go via HelpDesk for visibility. |
Hi @SebastianBezold , @netomi , yes that would be great to have another team/group for the Catena-X security team. |
Open a HelpDesk ticket and list the names of people that should be part of that team + some approval from a project lead. |
Hi guys,
as mentioned in the office hours we currently have no committers by the security team that CAN SEE the security advisories due to view rights. To solve this we would like to be added to each product in the Tractus-X repo with READ rights.
Our Request To EF:
To achieve this efficientely it was suggested to have a SIG-Security group to be added as a TEAM in the Tractus-X repository.
Otherwise each product owner has to add each one of us with view rights to his product repository.
It would be great if you can create such a group as EF also has a security group with view rights.
Kind regards
Kristian Cicka
The text was updated successfully, but these errors were encountered: