docs: add security review program guidelines#4481
Conversation
This PR supersedes and replaces hyperledger-cacti#4265. As discussed in the original PR's review by @VRamakrishna and @RafaelAPB, this PR updates the title and description to clarify that it introduces a set of guidelines for carrying out security reviews, rather than executing the actual review itself. The original 'Fixes hyperledger-cacti#4036' tag has been intentionally removed, as this PR provides supplementary documentation rather than closing the issue. Co-authored-by: malsomesh9 <malsomesh9@gmail.com> Signed-off-by: ParthSinghPS <posiedon.1721@gmail.com>
| @@ -0,0 +1,190 @@ | |||
| Security Review Program | |||
| ====================================================== | |||
There was a problem hiding this comment.
Please follow the formatting of other docs - use ---- (markdown native separator)
| - The package has recently changed dependencies, network surfaces, or | ||
| serialization boundaries. | ||
|
|
||
| Initial target classes: |
There was a problem hiding this comment.
This may be removed as all code is possible to be reviewed
| The review is complete when maintainers can point to the review artifacts and | ||
| the follow-up issues that track accepted remediation work. | ||
|
|
||
| ## Target Package Selection |
There was a problem hiding this comment.
This may be removed as all code is possible to be reviewed
| 8. Close the tracking issue only after the checklist and remediation backlog are | ||
| linked from the issue. | ||
|
|
||
| ## Automated SCA |
There was a problem hiding this comment.
The automated processes should be left out of the current document. The security review program focuses on security findings by the community.
| - Persistence packages. | ||
| - Cross-network messaging and interoperability packages. | ||
|
|
||
| ## Review Workflow |
There was a problem hiding this comment.
We will need to polish this. In particular a new contributor does not have the ability to add tags to issues;
| - Reviewer(s): | ||
| - Date: | ||
|
|
||
| ## Assets |
There was a problem hiding this comment.
I would remove the assets section and add a target parameter to the scope section
| - Filesystem paths: | ||
| - External service calls: | ||
|
|
||
| ## Trust Boundaries |
There was a problem hiding this comment.
Trust boundaries should be more aligned with our stack, we need to revisit
| - Container boundary: | ||
| - Browser to backend: | ||
|
|
||
| ## Threats |
There was a problem hiding this comment.
have the parameters as a template eg
<Spoofing, ETC>
This PR supersedes and replaces #4265.
As discussed in the original PR's review by @VRamakrishna and @RafaelAPB, this PR updates the title and description to clarify that it introduces a set of guidelines for carrying out security reviews, rather than executing the actual review itself.
The original 'Fixes #4036' tag has been intentionally removed, as this PR provides supplementary documentation rather than closing the issue.