Date/Time: 2018-02-08 @ 14:00 UTC / 09:00 EST / 22:00 HKT
Length: 45 minutes
Meeting link: https://zoom.us/j/416493133
Our current process works something like this:
@aaron triages new reports and addresses the issues himself if they’re in packages where he’s best suited to addressing them. Otherwise he’ll usually reach out to the team member that is best suited to addressing the vulnerability.
Once the vulnerability is addressed, that person makes a comment on the Hackerone report and @aaron awards the bounty.
- Should we pause the program for a while?
- If not, should we redefine/reduce the scope of the program?
- Who is responsible for these reports currently?
- Who should be responsible for these reports going forward?
Please reply to this forum post with items you would like included on the agenda.
Each item should include:
- Item name
- Background information: Links to github issues, forum posts, etc with background information on the item
- Desired outcome: what decision or deliverable would you like from the discussion of this topic at the meeting?
We’ll save ~10 minutes or so for community questions or comments at the end of the meeting.
I’ll turn proposed items into an agenda prior to the the meeting.