Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: add docker-team as resource #1426

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

doc: add docker-team as resource #1426

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
90688db
doc: add docker-team as resource
RafaelGSS Jan 16, 2025
83c800b
Update MAINTAINERS_THREAT_MODEL.md
RafaelGSS Jan 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 25 additions & 24 deletions MAINTAINERS_THREAT_MODEL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,30 +30,31 @@ repositories in the org, like Working groups or subteams.
> ¹ - All repositories with code that get published or has some impact on nodejs/core
> ² - Releasers has access to run CI during CI Embargo (Security Release)

| Resource | External people | Contributors - Core/Triagers/WG | Build - Test/Infra/Admin | Admin - TSC/Releasers/Moderation | Security Stewards/Triagers/External | GitHub - Actions/Plugins |
|- |- |- |- |- |- |- |
| **HackerOne** | - | -\-\- | -\-\- | aw- | www | -\- |
| **MITRE** | - | -\-\- | -\-\- | a-\- | w-\- | -\- |
| **private/node-private** | - | -\-\- | www | aw- | w-w | -\- |
| **private/security-release** | - | -\-\- | -\-\- | a-\- | ww- | -\- |
| **private/secrets** | - | -\-\- | www | a-\- | -\-\- | -\- |
| **nodejs/node** | r | wrr | rrw | awa | rrr | wr |
| **nodejs/deps¹** | r | rrr | rrw | arr | rrr | wr |
| **nodejs/build** (GH) | r | rrr | rrw | awa | rrr | wr |
| **nodejs/node-core-utils** | r | rrr | rrw | awa | rrr | wr |
| **npm account** | - | - | -a- | a-\- | -\-\- | -\- |
| **Jenkins CI - test** | r | ww- | wwa | -w²- | -\-\- | ww |
| **Jenkins CI - release** | - | -\-\- | -ww | -w- | -\-\- | -\- |
| **Infra - test** | - | w-\- | aaa | ww- | -w- | ww |
| **Infra - release** | - | -\-\- | -ww | -w- | -\-\- | -\- |
| **Build infra** | - | -\-\- | -a- | -\-\-| -\-\- | -\- |
| **Website Infra** | - | -\-\- | -a- | a-\- | -\-\- | -\- |
| **Youtube** | - | -\-w | -\-\- | a-\- | -\-\- | -\- |
| **Zoom** | r | rrw | -\-\- | a-\- | -\-\- | -\- |
| **1Password** | - | -\-r | -\-\- | a-\- | -\-\- | -\- |
| **Social media accounts** | - | -\-\- | -\-\- | -\-\-| -\-\- | -\- |
| **Email** (nodejs-sec) | r | rrr | rrr | awr | wrr | rr |
| **Email** (io.js aliases) | r | -\-\- | -a- | w-\- | -\-\- | -\- |
| Resource | External people | Contributors - Core/Triagers/WG | Build - Test/Infra/Admin | Admin - TSC/Releasers/Moderation | Security Stewards/Triagers/External | GitHub - Actions/Plugins | Docker Team |
|- |- |- |- |- |- |- |- |
| **HackerOne** | - | -\-\- | -\-\- | aw- | www | -\- | - |
| **MITRE** | - | -\-\- | -\-\- | a-\- | w-\- | -\- | - |
| **private/node-private** | - | -\-\- | www | aw- | w-w | -\- | - |
| **private/security-release** | - | -\-\- | -\-\- | a-\- | ww- | -\- | - |
| **private/secrets** | - | -\-\- | www | a-\- | -\-\- | -\- | - |
| **nodejs/node** | r | wrr | rrw | awa | rrr | wr | r |
| **nodejs/deps¹** | r | rrr | rrw | arr | rrr | wr | r |
| **nodejs/build** (GH) | r | rrr | rrw | awa | rrr | wr | r |
| **nodejs/docker-node** (GH) | r | rrr | rrw | awa | rrr | wr | w |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Build has no write access to any of the Docker stuff, so should probably be rrr instead of rrw.

| **nodejs/node-core-utils** | r | rrr | rrw | awa | rrr | wr | r |
| **npm account** | - | - | -a- | a-\- | -\-\- | -\- | - |
| **Jenkins CI - test** | r | ww- | wwa | -w²- | -\-\- | ww | - |
| **Jenkins CI - release** | - | -\-\- | -ww | -w- | -\-\- | -\- | w |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I might be reading this table wrong, but this seems incorrect?

| **Infra - test** | - | w-\- | aaa | ww- | -w- | ww | - |
| **Infra - release** | - | -\-\- | -ww | -w- | -\-\- | -\- | r |
| **Build infra** | - | -\-\- | -a- | -\-\-| -\-\- | -\- | - |
| **Website Infra** | - | -\-\- | -a- | a-\- | -\-\- | -\- | - |
| **Youtube** | - | -\-w | -\-\- | a-\- | -\-\- | -\- | - |
| **Zoom** | r | rrw | -\-\- | a-\- | -\-\- | -\- | - |
| **1Password** | - | -\-r | -\-\- | a-\- | -\-\- | -\- | - |
| **Social media accounts** | - | -\-\- | -\-\- | -\-\-| -\-\- | -\- | - |
| **Email** (nodejs-sec) | r | rrr | rrr | awr | wrr | rr | - |
| **Email** (io.js aliases) | r | -\-\- | -a- | w-\- | -\-\- | -\- | - |

Repos under nodejs which do not include code, are not covered as they cannot lead to the threats listed.
pkgjs.org is excluded as it does not include code/repos that make it into Node.js binaries
Expand Down
Loading