Open dblock opened 1 month ago
I will take this up and start the work.
PR - https://github.com/opensearch-project/.github/pull/223. Addresses the first issue, will add subsequent PRs separately.
Adding more maintainers to form core Security Response Team - https://github.com/opensearch-project/.github/pull/232
What/Why
What are you proposing?
Currently security mailing lists and processes are administered with help from Amazon. For example, in https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#prioritize-security we say "Note that this repository is monitored and supported 24/7 by Amazon Security, see Reporting a Vulnerability for details." and security @ mailing list is managed by AWS.
What users have asked for this feature?
Since https://www.linuxfoundation.org/press/linux-foundation-announces-opensearch-software-foundation-to-foster-open-collaboration-in-search-and-analytics.
What problems are you trying to solve?
Security should be managed by a trusted and diverse community.