| | | |
|---|
Updates on Release 1.9 | | @Yogesh Pandey | Lucas reached out to yogesh, for C++ changes and new feature changes to look into security POV for 1.9, still blocked on CI/CD dashboard |
Bug Bounty Program | Hackerone setup in progress If you want to be subscribed to the bugbounty mailing list, please let ben know Lucas proposed "refactor reviewdog-workflow.yml for security" https://github.com/magma/security/issues/147 Som proposed windowing scheme The Security WG discussed disclosure of security weakness in bounties for fixing them.
| | hackerone in LF legal review Arrived on policy for disclosing security issues: ok to disclose if trivial, otherwise we will reserve bug bounties for trusted contributors. Refactoring reviewdog-workflow.yml approved. Lucas to move the issue from the security repo to the public repo. (https://github.com/magma/magma/issues/15192) Bounty amounts need to be defined Shubham to document two bounty proposals: upgrade Kubernetes; create CI job to scan Docker images for vulnerabilities using trivy Som to create a page in the LF wiki on the bounty program. Need draft Quickstart for anyone who wants to recommend a bug bounty program (process & timeline) - Jordan will start doc, Ben add in budget info. Bounty Program Process
[ NEED TO CLOSE THIS - TSC members please review/comment]
|
Outreach Report | | @Som Sikdar | Action items and next steps are captured in document Pick topics and date for next town hall Bevy page is live. Can tweak description, presenters as needed.
|
Other: | General discussion on interest in eBPF project (migration from OVS) | @Pravin Shelar | |
Community contribution: service conf script | Javier Aubert has created a script*
for getting all services running. Let's discuss how to move it forward. | @Lucas Gonze | |
What's Next For Magma | | @Jordan Vrtanoski | |
Review Latest Q&A In Github | | @Lucas Gonze | |
