taladrane
Contributor

This pull request adds a detailed quarterly update for the OpenSSF Vulnerability Disclosures Working Group (WG) for Q2 2025. The report outlines the group's mission, current status, recent activities, and upcoming plans. Apologies for getting this in so close to the TAC meeting! 🙇‍♀️

Signed-off-by: Madison Oliver <[email protected]>
taladrane requested a review from a team as a code owner May 13, 2025 14:12
Contributor

gkunz left a comment

Great work.

taladrane and others added 2 commits May 13, 2025 11:01
Co-authored-by: Georg Kunz <[email protected]>
Signed-off-by: Madison Oliver <[email protected]>
marcelamelara added the "TI Update" label (Quarterly TI update. Needs 5 approvals, 7d review.) May 29, 2025
Contributor

marcelamelara left a comment

Thanks @taladrane !

- [Project Idea - CVD Guide for OSS Consumers](https://github.com/ossf/wg-vulnerability-disclosures/issues/115) > effort is still stagnating and needs to be revived.

### Questions/Issues for the TAC
- (Standing question) What other areas in the OpenSSF Roadmap does the TAC see opportunity for the Vulnerability Disclosures working group?
Contributor

In the Ecosystem Leader focus area of our 2025 roadmap, I think there may be an interesting opportunity for the VD WG to collaborate across foundations with the CoSAI supply chain workstream around Model Vuln standardization, if the group wasn't following this effort yet.

@marcelamelara
Contributor

@ossf/tac Could we get one more review here please?

bobcallaway merged commit 0df811e into ossf:main Aug 11, 2025
1 check passed
6 participants