Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create 2024-Q4-VULN-WG.md #407

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Create 2024-Q4-VULN-WG.md #407

wants to merge 8 commits into from

Conversation

SecurityCRob
Copy link
Contributor

@SecurityCRob SecurityCRob commented Nov 5, 2024
edited
Loading

Draft pr for vuln wg update.

Will notify TAC when PR is complete and ready for review.

@SecurityCRob SecurityCRob added DRAFT Indicates that a PR should not merge because it is a work in progress. TI Update Quarterly TI update. Needs 5 approvals, 7d review. labels Nov 5, 2024
@SecurityCRob SecurityCRob requested a review from a team as a code owner November 5, 2024 17:17
mlieberman85
mlieberman85 approved these changes Nov 7, 2024
View reviewed changes
Copy link
Contributor

@mlieberman85 mlieberman85 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, didn't realize this was still in draft. I know there's the draft label, but does it make more sense to just use the built in Github draft functionality?

steiza
steiza reviewed Nov 17, 2024
View reviewed changes
Copy link
Member

@steiza steiza left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Minor: the path of the file is weird, it looks like it includes TI-reports/2024 twice?

@marcelamelara
Copy link
Contributor

Is this PR ready to be reviewed? I see the DRAFT label, but the PR is marked as ready. Thanks!

@lehors
Copy link
Contributor

lehors commented Nov 26, 2024

Is this PR ready to be reviewed? I see the DRAFT label, but the PR is marked as ready. Thanks!

The status is indeed a bit confusing. It looks like some sections are still to be completed though.

@SecurityCRob SecurityCRob added For Review and removed DRAFT Indicates that a PR should not merge because it is a work in progress. labels Dec 2, 2024
marcelamelara
marcelamelara requested changes Dec 3, 2024
View reviewed changes
Copy link
Contributor

@marcelamelara marcelamelara left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aside from the TTX exercises and general WG activities, the sparse current status updates and empty "Up Next" sections give the impression that the SIGs aren't particularly active at the moment. Are they on hiatus or are there other concerns that need the TAC's attention?

steiza
steiza approved these changes Dec 4, 2024
View reviewed changes
Copy link
Member

@steiza steiza left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I share @marcelamelara's concerns about the sparse updates, but I think that with the time that has passed, this is all we're going to get for now.

Separately, there's an upcoming working group leads meeting where we'll asking folks to start thinking about 2025 plans.

steiza
steiza requested changes Dec 4, 2024
View reviewed changes
Copy link
Member

@steiza steiza left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops! I didn't realize we hadn't fixed the path of the file yet. Can we change it from TI-reports/2024/TI-reports/2024/2024-Q4-VULN-WG.md to TI-reports/2024/2024-Q4-VULN-WG.md please?

sevansdell
sevansdell approved these changes Dec 6, 2024
View reviewed changes
Copy link
Contributor

@sevansdell sevansdell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see this update was scheduled for Nov 12, and that meeting was cancelled. We don't have another Vuln WG update for this year at a TAC meeting. The first time you present in 2025, will you please let the TAC know how community participation is going? There's not a lot in the Up Next section or current activities. I want to know if there are activities in the pipeline to support the Roadmap in the MVSR, or if the group is in a "maintenance" / quiet mode for now. What do you need from TAC/GB accomplish any goals you'd like to do?

marcelamelara
marcelamelara approved these changes Dec 16, 2024
View reviewed changes
Copy link
Contributor

@marcelamelara marcelamelara left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the interest of moving this along, I'm going to accept this, but I do hope for a more detailed update in Q1 of 2025, especially around WG health and community engagement.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andrewpollock andrewpollock andrewpollock left review comments

@steiza steiza steiza requested changes

@sevansdell sevansdell sevansdell approved these changes

@marcelamelara marcelamelara marcelamelara approved these changes

@mlieberman85 mlieberman85 mlieberman85 approved these changes

@lehors lehors Awaiting requested review from lehors

@taladrane taladrane Awaiting requested review from taladrane

Requested changes must be addressed to merge this pull request.

Assignees

@taladrane taladrane

@SecurityCRob SecurityCRob

Labels
For Review TI Update Quarterly TI update. Needs 5 approvals, 7d review.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@SecurityCRob @marcelamelara @lehors @steiza @mlieberman85 @andrewpollock @taladrane @sevansdell