Skip to content

Latest commit

 

History

History
62 lines (43 loc) · 2.86 KB

README.md

File metadata and controls

62 lines (43 loc) · 2.86 KB

Security WG

Proactively ensures the Security of Electron as a project, responds to incoming incidents, and oversees rollout of fixes.

Membership

Avatar Name Role Time Zone
@MarshallOfSound Samuel Attard @MarshallOfSound Chair PST (Vancouver)
@nornagon Jeremy Rose @nornagon Member PST (San Francisco)
@deepak1556 Deepak Mohan @deepak1556 Member JST (Nagano)
@miniak Milan Burda @miniak Member CET (Prague)
@ppontes Pedro Pontes @ppontes Member CET (Prague)
@VerteDinde Keeley Hammond @VerteDinde Member PST
@codebytere Shelley Vohr @codebytere Member CET (Berlin)

Emeritus Members

Emeritus Members
Avatar Name Role Time Zone
@zcbenz Cheng Zhao @zcbenz Member JST (Nagoya)

Areas of Responsibility

  • The reporting address: security@electronjs.org
  • Coordinating fixes and disclosures of vulnerabilities
  • Security of Electron as a project
    • Build infrastructure
    • Release tooling
    • Credential management
  • Proactive measures
    • Fuzz testing
    • Pen testing
    • Security review of parts of the codebase
    • Security sign-off on IPC and certain API related changes

Associated Repositories

All repositories in the electron organization along with exclusive access to electron/security.

Rules for Membership

See Membership and Notifications

WG Removal Policy

If a sitting member of the WG has not been active in a meaningful way for at least one month, the WG may vote to remove them from its set of sitting members.

This is done primarily to ensure that there are no open avenues of compromise for the project given that the Security WG confers notable permissions.

Meeting Schedule

  • Sync Meeting 1hr Weekly @ Wednesday 9:30AM PT

Meeting notes may be viewed in meeting-notes as they become available.