sec: Create private repo as part of new advisory step

This commit is contained in:
Trent Nelson 2021-03-11 18:34:44 -07:00 committed by mergify[bot]
parent 952c3bcbb7
commit 209dbb6f7c
1 changed files with 3 additions and 2 deletions

View File

@ -60,8 +60,9 @@ followed to contain, respond and remediate:
### 1. Establish a new draft security advisory
In response to an email to security@solana.com, a member of the `solana-labs/admins` group will
1. Create a new draft security advisory for the incident at https://github.com/solana-labs/solana/security/advisories
2. Add the reporter's github user and the `solana-labs/security-incident-response` group to the draft security advisory
3. Respond to the reporter by email, sharing a link to the draft security advisory
1. Add the reporter's github user and the `solana-labs/security-incident-response` group to the draft security advisory
1. Create a private fork of the repository (grey button towards the bottom of the page)
1. Respond to the reporter by email, sharing a link to the draft security advisory
### 2. Triage
Within the draft security advisory, discuss and determine the severity of the