New Core Team Member, Security Team Leader

January 29, 2018 · Published by Avatar of Fabien Potencier Fabien Potencier

Handling security issues responsibly and transparently is key to the success of any Open-Source project. Symfony is no exception. We documented the process of our security management policy a long time ago. Communication with the reporter, working on a fix, testing and validating the fix, coordinating with downstream projects, assigning CVE numbers, explaining the issue in a detailed blog post, and publishing security versions are some of the activities required to handle a security issue. From the initial email to resolution, dealing with a security issue can take as much as 6 months. That's a lot of time and energy. Up until now, the core team was in charge of the whole process. And I must admit that working on security issues on top of managing the Symfony project is getting difficult.

Today, I'm very happy and proud to announce that we are getting to the next level. Michael Cullum accepted to join the Symfony Core Team to lead the security team. He will be responsible for managing the security process.

You probably know Michael already. He is the secretary of PHP FIG and the PHPBB manager, a project that uses Symfony extensively.

Join me in welcoming Michael in his new role. If you want to help with the process, please contact him. And don't forget to use the security@symfony.com email to report security issues... Michael is ready to help.

Published in #Community

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

Comments

Avatar of Maxime Steinhausser
Maxime Steinhausser Certified said on Jan 29, 2018
Great news! Welcome Michael!
Avatar of Bastien DURAND
Bastien DURAND said on Jan 29, 2018
Welcome in the core team Michael!
Avatar of Javier Eguiluz
Javier Eguiluz Certified said on Jan 29, 2018
This is great. Handling security issues is critical and now it couldn't be in better hands. Welcome Michael!!
Avatar of Lynn van der Berg
Lynn van der Berg said on Jan 29, 2018
Great news! Welcome!
Avatar of Alessandro Lai
Alessandro Lai said on Jan 29, 2018
Congratulations Michael!
Avatar of Lukasz Podlewski
Lukasz Podlewski said on Jan 29, 2018
Welcome!
Avatar of Jérôme Tamarelle
Jérôme Tamarelle said on Jan 29, 2018
Thank you Michael for taking this critical responsibility.
Avatar of Smaine Milianni
Smaine Milianni Certified said on Jan 29, 2018
Great ! Welcome Michael !
Avatar of Philippe Gamache
Philippe Gamache said on Mar 19, 2018
Super! Now who's on this team? Do you require new member?
Avatar of Javier Eguiluz
Javier Eguiluz Certified said on Mar 19, 2018
@Philippe here you can find the list of members and how are they elected: https://symfony.com/doc/current/contributing/code/core_team.html

Comments are closed.

To ensure that comments stay relevant, they are closed for old posts.