Skip to content

feat(nb): Guide to report security vulnerabilities #485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 17, 2025
Merged

feat(nb): Guide to report security vulnerabilities #485

merged 1 commit into from
Jul 17, 2025

Conversation

andreyvelich
Copy link
Member

Part of: kubeflow/community#851, kubeflow/community#858.

This doc explains how to report security vulnerability for Kubeflow Notebooks project. This is required for CNCF graduation.

/cc @kubeflow/kubeflow-steering-committee @kimwnasptd @thesuperzapper @ederign @paulovmr

@github-project-automation github-project-automation bot moved this to Needs Triage in Kubeflow Notebooks Jul 14, 2025
@google-oss-prow Google OSS Prow
Copy link

@andreyvelich: GitHub didn't allow me to request PR reviews from the following users: kubeflow/kubeflow-steering-committee.

Note that only kubeflow members and repo collaborators can review this PR, and authors cannot review their own PRs.

In response to this:

Part of: kubeflow/community#851, kubeflow/community#858.

This doc explains how to report security vulnerability for Kubeflow Notebooks project. This is required for CNCF graduation.

/cc @kubeflow/kubeflow-steering-committee @kimwnasptd @thesuperzapper @ederign @paulovmr

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@google-oss-prow google-oss-prow bot requested a review from paulovmr July 14, 2025 21:49
@andreyvelich andreyvelich changed the title feat(docs): Guide to report security vulnerabilities feat(nb): Guide to report security vulnerabilities Jul 14, 2025
@andyatmiami
Copy link
Contributor

/ok-to-test

/lgtm

Material follows other SECURITY.md documents present in Kubeflow components - while also containing appropriate specific references to Notebooks itself.

@google-oss-prow google-oss-prow bot added the lgtm label Jul 15, 2025
@andreyvelich
Copy link
Member Author

@kimwnasptd @thesuperzapper Can you /approve this PR please ?

@thesuperzapper
Copy link
Member

While we have not agreed on a support policy for Notebooks v2 yet (e.g. minor version -1 gets security patches), this is a good start, so we can merge for now.

/lgtm
/approve

@google-oss-prow Google OSS Prow
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: thesuperzapper

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow bot merged commit 616d1a8 into kubeflow:main Jul 17, 2025
6 of 8 checks passed
@github-project-automation github-project-automation bot moved this from Needs Triage to Done in Kubeflow Notebooks Jul 17, 2025
@andreyvelich andreyvelich deleted the security-doc branch July 17, 2025 15:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kimwnasptd kimwnasptd Awaiting requested review from kimwnasptd

@thesuperzapper thesuperzapper Awaiting requested review from thesuperzapper

@ederign ederign Awaiting requested review from ederign

@paulovmr paulovmr Awaiting requested review from paulovmr

Assignees

@thesuperzapper thesuperzapper

@andyatmiami andyatmiami

Labels

approved lgtm ok-to-test size/M

Projects

Kubeflow Notebooks
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@andreyvelich @andyatmiami @thesuperzapper