Hi everyone, I’m reaching out to ask for volunteers to help improve and expand our project’s security documentation.
Over time, it’s become clear that parts of our current documentation are either outdated or not as clear as they should be—especially around security-related behaviors and configuration options. To make the project safer and easier to use, we’d like to refine these sections and ensure they properly reflect intended features, potential risks, and best practices. If you have experience with security, documentation, or just a good eye for clarity and structure, your help would be greatly appreciated. Contributions could include: - Reviewing existing security docs for accuracy and completeness - Clarifying configuration-related behaviors and their implications - Adding guidance on safe usage and common pitfalls - Improving overall readability and structure - Add guidelines for reporting potential vulnerabilities - Merge the existing security documentation pages: https://brooklyn.apache.org/community/security/ and https://brooklyn.apache.org/v/latest/ops/security-guidelines.html - Document critical configuration flags that can affect security, eg YAML_TYPE_INSTANTIATION If you’re interested in helping, please reply here or reach out directly. We can coordinate on scope, priorities, and next steps. Thanks in advance to anyone willing to contribute—this will make a meaningful difference for the project and its users. Kind regards Juan Cabrerizo
