openedx/wg-security issues and pull requests

#42 - docs: Add a catalog-info.yaml file

Pull Request - State: closed - Opened by feanil about 2 months ago

#41 - Pilot tests on tools for Integrating Security Suites into GitHub CI

Issue - State: open - Opened by magajh 10 months ago

#40 - Best practices for securing GitHub CI workflows

Issue - State: open - Opened by magajh 10 months ago

#39 - Create process for following up on open security vulnerabilities

Issue - State: open - Opened by pshiu about 1 year ago

#38 - How can we make dependabot alerts useful and actionable?

Issue - State: open - Opened by feanil over 1 year ago

#37 - Advise on library for Django model field encryption-at-rest

Issue - State: open - Opened by pshiu over 1 year ago - 4 comments

#36 - Create training for Security WG to use maintainer contact information repo

Issue - State: closed - Opened by pshiu over 1 year ago - 2 comments

#35 - Help Discourse users remember where to report security concerns

Issue - State: open - Opened by pshiu over 1 year ago - 2 comments

#34 - On-board Maga to the Security Working Group

Issue - State: closed - Opened by feanil over 1 year ago - 1 comment

#33 - Review Secrets Scanning Results

Issue - State: open - Opened by feanil over 1 year ago

#32 - Add Security Policy to docs.openedx.org

Issue - State: closed - Opened by pshiu over 1 year ago - 2 comments

#31 - [proposal] Request creation of openedx/2u-security group

Issue - State: closed - Opened by pshiu over 1 year ago - 1 comment

#30 - Grant everyone on the security working group the "Security Manager" role on the `openedx` org

Issue - State: closed - Opened by feanil over 1 year ago - 1 comment

#29 - Move Axim Repos out of the `openedx` org

Issue - State: closed - Opened by feanil over 1 year ago - 1 comment

#28 - Ensure all SecWG members have the same/correct permissions on the [email protected] mailing list/group

Issue - State: closed - Opened by feanil almost 2 years ago - 2 comments

#27 - Look into how to create on-call rotation

Issue - State: closed - Opened by alangsto almost 2 years ago - 2 comments

#26 - Check [email protected] forward to [email protected]

Issue - State: closed - Opened by pshiu almost 2 years ago - 1 comment

#25 - Look into standardizing security configuration across repos

Issue - State: open - Opened by pshiu almost 2 years ago - 1 comment

#24 - Add security responsibilities to list of maintainer responsibilities

Issue - State: open - Opened by pshiu almost 2 years ago - 1 comment

#23 - Create on-call runbook/playbook

Issue - State: closed - Opened by pshiu almost 2 years ago - 8 comments

#22 - Work on security WG Conference Talk

Issue - State: closed - Opened by feanil almost 2 years ago

#21 - Publish a State Of Report for the Working Group

Issue - State: closed - Opened by feanil almost 2 years ago - 1 comment

#20 - Update onboarding doc with any changes post-tCRIL private repo moves

Issue - State: closed - Opened by pshiu almost 2 years ago - 2 comments

#19 - Update standard workflow files.

Pull Request - State: closed - Opened by feanil almost 2 years ago

#19 - Update standard workflow files.

Pull Request - State: closed - Opened by feanil almost 2 years ago

#18 - Setup a regular update reminder in the pubilc security channel so we can post async updates.

Issue - State: closed - Opened by feanil almost 2 years ago - 1 comment

#17 - Write up on-boarding and off-boarding steps for a new security WG Member

Issue - State: closed - Opened by feanil almost 2 years ago - 4 comments

#16 - Update all existing mentions of the [email protected] mailing list in the `openedx` github org to mention [email protected] instead.

Issue - State: closed - Opened by feanil almost 2 years ago - 7 comments

#15 - Check the wiki & codebase for mentions of [email protected]/@tcril.org and update it to [email protected]

Issue - State: closed - Opened by feanil almost 2 years ago - 8 comments

#14 - Announce the [email protected] mailing list on discourse.

Issue - State: open - Opened by feanil almost 2 years ago

#13 - Update all the current locations for how to report issues

Issue - State: open - Opened by feanil almost 2 years ago

#12 - Add all members to the Security WG Mailing List

Issue - State: closed - Opened by feanil almost 2 years ago - 1 comment

#11 - Initiative: Build "Spot the Vuln" puzzle hunt

Issue - State: open - Opened by pshiu almost 2 years ago

#10 - Discovery on better visibility for supply chain security issues

Issue - State: open - Opened by pshiu almost 2 years ago - 2 comments

#9 - Discovery on adding security suites to GitHub CI

Issue - State: open - Opened by pshiu almost 2 years ago - 3 comments

#8 - April 2024: Run annual security survey for 2024

Issue - State: open - Opened by pshiu almost 2 years ago - 1 comment

#7 - Research how to discourage public disclosure of unresolved security vulnerabilities

Issue - State: open - Opened by pshiu almost 2 years ago

#6 - Establish metrics that we can track for the work we're doing.

Issue - State: open - Opened by feanil almost 2 years ago

#5 - Help BTR Establish a Process for Taking Django Security Fixes

Issue - State: closed - Opened by feanil almost 2 years ago - 11 comments

#4 - Allow anyone to report security advisories on all public Open edX Repos

Issue - State: open - Opened by feanil almost 2 years ago

#2 - Update Security Policy and SECURITY.md

Issue - State: closed - Opened by feanil about 2 years ago - 5 comments

#1 - feat: Auto add issues to the SWG Project

Pull Request - State: closed - Opened by feanil about 2 years ago

GitHub / openedx/wg-security issues and pull requests