uxlfoundation / open-source-working-group

The UXL Foundation Open Source Working Group

oneMKL Adopt Vulnerability Policy (Security.md) #72

Closed rozhukov closed 4 months ago

rozhukov commented 6 months ago
  1. Adopt Public Security Policy (Security.md file) to UXL. (!) There is no Security.md file for oneMKL at all: https://github.com/oneapi-src/oneMKL?tab=security-ov-file
     You can use oneDNN as an example: Security.md. Pay attention to the Supported Versions section; it may vary based on your Support policy. Please add @rozhukov to the reviewers list.

  2. Enable Private Vulnerability reporting: GitHub Security tab -> Enable Vulnerability Reporting


vmalia commented 4 months ago

@rozhukov you can assign this one to me.

rozhukov commented 4 months ago

@vmalia I thought it's WIP already. Please let me know once done. Thx.

vmalia commented 4 months ago

@rozhukov I have maintainer permissions for the oneMKL project but cannot see the "Private Vulnerability Reporting" option.


Verified the same with another maintainer. Is there something else that needs to be configured for this option to appear?

rozhukov commented 4 months ago

> @rozhukov I have maintainer permissions for the oneMKL project but cannot see the "Private Vulnerability Reporting" option.
>
> Verified the same with another maintainer. Is there something else that needs to be configured for this option to appear?

Yes, you should be either owner or admin. With our internal Intel guidance I advised it many times to get added to owner-* GitHub teams. I think it'd make sense to re-evaluate access permissions and roles once migration to UXL-owned org is done.