Security Steward Onboarding/OffBoarding
- Confirm the new steward agrees to keep all private information confidential
to the project and not to use/disclose to their employer.
- Add them to the security-stewards team in the GitHub nodejs-private
organization.
- Add them to the public website team.
- Ensure they have 2FA enabled in H1.
- Add them to the standard team in H1 using this
page.
- Add them as managers of the
nodejs-sec mailing list.
- Remove them from security-stewards team in the GitHub nodejs-private
organization.
- Remove them from public website team
- Unless they have access for another reason, remove them from the
standard team in H1 using this
page.
- Downgrade their account to regular member in the
nodejs-sec mailing list.