1
0
mirror of https://github.com/RPCS3/llvm-mirror.git synced 2024-11-25 20:23:11 +01:00
Commit Graph

9 Commits

Author SHA1 Message Date
Ahmed Bougacha
50227f56b6 [docs] Describe reporting security issues on the chromium tracker.
To track security issues, we're starting with the chromium bug tracker
(using the llvm project there).

We considered using Github Security Advisories.  However, they are
currently intended as a way for project owners to publicize their
security advisories, and aren't well-suited to reporting issues.

This also moves the issue-reporting paragraph to the beginning of the
document, in part to make it more discoverable, in part to allow the
anchor-linking to actually display the paragraph at the top of the page.

Note that this doesn't update the concrete list of security-sensitive
areas, which is still an open item.  When we do, we may want to move the
list of security-sensitive areas next to the issue-reporting paragraph
as well, as it seems like relevant information needed in the reporting
process.

Finally, when describing the discission medium, this splits the topics
discussed into two: the concrete security issues, discussed in the
issue tracker, and the logistics of the group, in our mailing list,
as patches on public lists, and in the monthly sync-up call.

While there, add a SECURITY.md page linking to the relevant paragraph.

Differential Revision: https://reviews.llvm.org/D100873
2021-05-19 15:21:50 -07:00
Ahmed Bougacha
4a04d21325 [docs] Replace Apple representative to security group.
Differential Revision: https://reviews.llvm.org/D100864
2021-04-27 11:00:49 -07:00
George Burgess IV
f2c39381e1 docs: Adding Google representative to the security group
This adds me as a Google representative for the LLVM security group.

This was proposed, discussed, and voted on in the differential revision
linked below; please see it for more information.

Differential Revision: https://reviews.llvm.org/D99232
2021-03-26 18:55:37 -07:00
Artur Pilipenko
12e6efee22 Adding new Azul representative to security group
Adding myself as a new Azul representative to security group.

Differential Revision: https://reviews.llvm.org/D89287
2020-10-19 22:41:19 -07:00
Pietro Albini
70207b468c Add expected response time and escalation path to the security docs
Following up on the discussion within the group during the roundtable at
the 2020 LLVM Developers Meeting, this commit adds to the security docs:

* How long we expect acknowledging security reports will take
* The escalation path the reporter can follow if they get no response

A temporary line inviting reporters to directly follow the escalation
path while the mailing list is being setup is also added.

Differential Revision: https://reviews.llvm.org/D89068
2020-10-13 10:57:06 +02:00
Philip Reames
f5a55066e4 Step down from security group
Resigning from security group as Azul representative as I have left Azul.  Previously communicated via email with security group.

Differential Revision: https://reviews.llvm.org/D88933
2020-10-10 09:48:02 -07:00
JF Bastien
5da192d70b Step down from security group
Propose Ahmed as a replacement. He's fixed many security issues in LLVM for Apple in the last few years, as such he'll fit the "Individual contributors" description.

Differential Revision: https://reviews.llvm.org/D86742
2020-09-03 08:44:27 -07:00
Kazu Hirata
fc9284d5ff [docs] Fix typos 2020-08-09 19:31:49 -07:00
JF Bastien
eeaec0b209 [docs] LLVM Security Group and Process
Summary:
See the corresponding RFC on llvm-dev for a discussion of this proposal.
  http://lists.llvm.org/pipermail/llvm-dev/2019-November/136839.html

Subscribers: jkorous, dexonsmith, arphaman, ributzka, llvm-commits

Tags: #llvm

Differential Revision: https://reviews.llvm.org/D70326
2020-07-10 15:24:02 -07:00