[openstack-dev] [Horizon] Nominations to Horizon Core

Monty Taylor mordred at inaugust.com
Wed Dec 11 17:28:14 UTC 2013

On 12/11/2013 03:51 PM, Russell Bryant wrote:
> On 12/10/2013 05:57 PM, Paul McMillan wrote:
>> +1 on Tatiana Mazur, she's been doing a bunch of good work lately.
>> I'm fine with me being removed from core provided you have someone else qualified to address security issues as they come up. My contributions have lately been reviewing and responding to security issues, vetting fixes for those, and making sure they happen in a timely fashion. Fortunately, we haven't had too many of those lately. Other than that, I've been lurking and reviewing to make sure nothing egregious gets committed.
>> If you don't have anyone else who is a web security specialist on the core team, I'd like to stay. Since I'm also a member of the Django security team, I offer a significant chunk of knowledge about how the underlying security protections are intended work.
> Security reviews aren't done on gerrit, though.  They are handled in
> launchpad bugs.  It seems you could still contribute in this way without
> being on the horizon-core team responsible for reviewing normal changes
> in gerrit.
> The bigger point is that you don't have to be on whatever-core to
> contribute productively to reviews.  I think every project has people
> that make important review contributions, but aren't necessarily
> reviewing regularly enough to be whatever-core.

And as a follow up - I betcha the vulnerability-management team would
LOVE to have you!

More information about the OpenStack-dev mailing list