You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Open an issue in the nodejs/build repository titled Remove Collaborator from Coverity asking that the collaborator be removed from the Node.js coverity project if they had access.
There are currently five people with Maintainer/Owner role -- three from the Build WG, one from the TSC and one former Build WG/TSC.
Historically Build have had a maintainer role to be able to download the build tool from Coverity that is run on the CI to upload scans to Coverity.
I think the Coverity project should have other maintainers -- either the @nodejs/tsc or a subset such as the @nodejs/security-wg (since the items flagged by the tool are potentially exploitable) and am opening this issue to discuss if we want to expand/formalize who can manage membership of this account.
The text was updated successfully, but these errors were encountered:
Currently the offboarding process for nodejs/node collaborators has this:
https://github.com/nodejs/node/blob/e92446536ed4e268c9eef6ae6f911e384c98eecf/doc/contributing/offboarding.md?plain=1#L20-L23
This is for Node.js project we have with the static analysis Coverity tool at: https://scan.coverity.com/projects/node-js
There are currently five people with Maintainer/Owner role -- three from the Build WG, one from the TSC and one former Build WG/TSC.
Historically Build have had a maintainer role to be able to download the build tool from Coverity that is run on the CI to upload scans to Coverity.
I think the Coverity project should have other maintainers -- either the @nodejs/tsc or a subset such as the @nodejs/security-wg (since the items flagged by the tool are potentially exploitable) and am opening this issue to discuss if we want to expand/formalize who can manage membership of this account.
The text was updated successfully, but these errors were encountered: