Very much on topic for our working group, I came across this article the other day that speaks to things near and dear to my (and many others) heart(s). Take a few minutes to read this article and thi

Team – Please review Issue 120(1) that speaks to reviewing and voting to approve our WG Charter. We’d love your feedback if changes are needed and then for you to express if we adopt it or refuse it u

All, FYI: GitHub now supports private reporting of security vulnerabilities to projects! This is a big deal. Details here: https://docs.github.com/en/code-security/security-advisories/guidance-on-repo

SIG & friends – The OSS-SIRT SIG has been working since summer to revise the initial OpenSSF’s Mobilization Plan(1) Stream 5. We are pleased to announce that our work is nearly complete and we are see

Subject: [OpenSSF] The US Securing Open Source Software Act of 2022 is a step in the right direction Good day from Singapore, I have just come across this article. Sharing it for more awareness. Artic

Hello group! During our WG call this week we talked about three possible next projects for the group (listed below). Please take some time before out next call and review each and provide any thoughts

Hi all, As discussed on the TAC call yesterday, just a quick note to share that: We will be cancelling all OpenSSF meetings during the holiday periods of Nov. 24-25 and Dec. 26-30. Please let us know

Hello! OpenSSF Staff are undertaking an effort to provide better data and reporting to our community in a number of different ways. One of these ways is to gauge Working Group and committee participat

Hello everyone. The Vuln Disclosure WG is pleased to announce that the .01 version of our Coordinated disclosure guide for Finders working with OSS maintainers(1) has been published! We’ll be part of

Team – I need your feedback on the new home for our CVD Guide for Finders by this Friday. Do we: Make a new repo for the guide Use the existing repo (https://github.com/ossf/oss-vulnerability-guide) a

Please join us for a quick session to run the CVD Guide through the Grammarly tool to help improve the readability of the doc prior to us moving it into its new GitHub home! __________________________

Hello all. Attached is a PDF copy of the WG update I gave today in the TAC. If anyone has any questions or comments, please let me know! Cheers, CRob Director of Security Communications Intel Product

Team – THANK YOU for all the amazing collab so far. Due to all of YOUR hard work we have reached the next milestone of our efforts – we are now ready to start fleshing out the skeleton of our plan(1),

Hey team. Our new target for delivery of the Finder CVD guide(1) is 6Sept. That means we need to get the text wrapped up so we can get help from the LF copyeditors around 31Aug. To that end, we’re goi

Hi everyone, In today's meeting, we decided that our goal date to complete the OSS Coordinated Disclosure Guide for Finders is August 31 (21 days away!) so that LF editors can finalize the doc before

Hello, all! During the call today, Madison made the helpful observation that our next call (August 10) lands during Black Hat/DEFCON, so many people may not be available. How would we like the handle

Sorry for the mis-posting, this was directed at +openssf-wg-vul-disclosures@... , as a follow-up to the meeting yesterday.-- Francis Perron Open Source Security @ Google LLC

Greetings Open Source Friends – On behalf of the OSSF’s Vulnerability Disclosure Working Group(1) I am pleased to announce that we will be adopting Stream 5 and parts of Stream 6 from the OSSF Mobiliz

ACTION REQUIRED BY EoD 10JUNE2022 Team – If you are interested in collaborating on further developing the plan laid out by the OSSF(1) please fill out the doodle(2) below to let us know your intereste

The voting has concluded. Out of those that expressed a preference, 4 of the group voted to remove the memes, and 1 voted to keep them. Several others expressed opinions but did not come down on the b