> On 26. Mar 2018, at 17:13, R. Tyler Croy <ty...@monkeypox.org> wrote: > > I'm curious why you assume that the security SIG would be broader in scope > than > the present day CERT?
Well, it _could_ be broader in scope. It certainly could be more open. Security isn't just finding and fixing vulnerabilities. Right now, general improvements (like Wadeck's API token PR[1] in core) or discussions related to security (perhaps about Jenkins' integrations with various auth providers) have no real home. Some of that happens in CERT sort of by default, but unless it's about an actual vulnerability, it's not necessary to keep it in a closed group only few can participate in. People without special permissions can still contribute. 1: https://github.com/jenkinsci/jenkins/pull/3271 -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/2061DF32-13B1-4921-B9AD-4E6CE9195BE4%40beckweb.net. For more options, visit https://groups.google.com/d/optout.