Dear committers,
In the coming days, two new teams will be created on all GitHub organizations managed by the Eclipse Foundation: eclipsefdn-security and eclipsefdn-releng. All members of these teams will be Eclipse Foundation staff members. Members of the eclipsefdn-security team are listed on https://www.eclipse.org/security/team.php:
while members of the eclipsefdn-releng team currently are:
Note that the members of these teams will NOT receive write permissions to the project's code repository. The primary purpose of creating these teams is to reduce our reliance on the webmaster account for all activities, and have better defined roles and responsibilities. Creating these teams is our first step towards this goal.
Team members will eventually get elevated permissions at the organization level and will be granted write permission to an Eclipse Foundation specific repository that will be named .eclipsefdn. This repository will host the GitHub configuration as-code for the organization and will be accessible by any committer. This is part of our effort to offer more self-service to projects when it comes to their GitHub configuration.
Finally, the eclipsefdn-security team will also be eventually granted the security manager role to be able to track reported vulnerabilities and help projects with dealing with these reports. Projects can also request this role to be assigned to committers, as hinted in a recent update about vulnerability reporting.
We understand that you may have questions about this change. We encourage you to open a ticket at the help desk, where we will be able to assist you.
Thank you!