Proactively ensures the Security of Electron as a project, responds to incoming incidents, and oversees rollout of fixes.
Avatar | Name | Role | Time Zone |
---|---|---|---|
Samuel Attard @MarshallOfSound | Chair | PST (Vancouver) | |
Jeremy Rose @nornagon | Member | PST (San Francisco) | |
Deepak Mohan @deepak1556 | Member | JST (Nagano) | |
Milan Burda @miniak | Member | CET (Prague) | |
Pedro Pontes @ppontes | Member | CET (Prague) | |
Keeley Hammond @VerteDinde | Member | PST | |
Shelley Vohr @codebytere | Member | CET (Berlin) |
Emeritus Members
Avatar | Name | Role | Time Zone |
---|---|---|---|
Cheng Zhao @zcbenz | Member | JST (Nagoya) |
- The reporting address: security@electronjs.org
- Coordinating fixes and disclosures of vulnerabilities
- Security of Electron as a project
- Build infrastructure
- Release tooling
- Credential management
- Proactive measures
- Fuzz testing
- Pen testing
- Security review of parts of the codebase
- Security sign-off on IPC and certain API related changes
All repositories in the electron
organization along with exclusive access
to electron/security
.
See Membership and Notifications
If a sitting member of the WG has not been active in a meaningful way for at least one month, the WG may vote to remove them from its set of sitting members.
This is done primarily to ensure that there are no open avenues of compromise for the project given that the Security WG confers notable permissions.
- Sync Meeting 1hr Weekly @ Wednesday 9:30AM PT
Meeting notes may be viewed in meeting-notes as they become available.