Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Node.js Coverity project maintainers #925

Open
richardlau opened this issue Oct 21, 2024 · 2 comments
Open

Node.js Coverity project maintainers #925

richardlau opened this issue Oct 21, 2024 · 2 comments

Comments

@richardlau
Copy link
Member

Currently the offboarding process for nodejs/node collaborators has this:
https://github.com/nodejs/node/blob/e92446536ed4e268c9eef6ae6f911e384c98eecf/doc/contributing/offboarding.md?plain=1#L20-L23

  • Open an issue in the nodejs/build repository titled Remove Collaborator from Coverity asking that the collaborator be removed from the Node.js coverity project if they had access.

This is for Node.js project we have with the static analysis Coverity tool at: https://scan.coverity.com/projects/node-js

There are currently five people with Maintainer/Owner role -- three from the Build WG, one from the TSC and one former Build WG/TSC.

Historically Build have had a maintainer role to be able to download the build tool from Coverity that is run on the CI to upload scans to Coverity.

I think the Coverity project should have other maintainers -- either the @nodejs/tsc or a subset such as the @nodejs/security-wg (since the items flagged by the tool are potentially exploitable) and am opening this issue to discuss if we want to expand/formalize who can manage membership of this account.

@mcollina
Copy link
Member

I'd be happy to be added.

@RafaelGSS
Copy link
Member

+1 TSC as owners

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants