Hi Carlos,
On Wed, Oct 30, 2024 at 12:52:13PM -0400, Carlos O'Donell wrote:
> > We discussed this with OpenSSF and submitted a funding request to
> > OpenSSF Alpha Omega for this particular part. OpenSSF initially was
> > supportive to funding these kinds of security plans, but they have been
> >
On 10/30/24 11:45 AM, Mark Wielaard wrote:
> Hi Carlos,
>
> On Wed, 2024-10-30 at 08:32 -0400, Carlos O'Donell wrote:
>> I can get down to specific requirements and possible solutions for them,
>> including
>> things like securing logins with 2FA etc. Which *could* be solved by
>> Sourceware
>>
On Wed, 30 Oct 2024, Carlos O'Donell via Gcc wrote:
> Have you broken down those project goals into actionable steps that
> could be taken?
>
> For example filing Sourceware Infrastructure bugs for each service that
> needs to be migrated into a VM and isolated (with a top level tracker
> for
On Wed, 30 Oct 2024, Mark Wielaard wrote:
> Yes, we did already discuss this. But it is too early for that. Richard
> setup a wiki page for the Forge Experiment that includes a list of
> various bugs/issues in Forgejo that we would like to see resolved
> before we can call the experiment an succes
On 2024-10-30 11:45, Mark Wielaard wrote:
Hi Carlos,
On Wed, 2024-10-30 at 08:32 -0400, Carlos O'Donell wrote:
I can get down to specific requirements and possible solutions for
them, including
things like securing logins with 2FA etc. Which *could* be solved by
Sourceware
today possibly usin
Hi Carlos,
On Wed, 2024-10-30 at 08:32 -0400, Carlos O'Donell wrote:
> I can get down to specific requirements and possible solutions for them,
> including
> things like securing logins with 2FA etc. Which *could* be solved by
> Sourceware
> today possibly using Nitrokeys (open hardware and FOSS
On 10/30/24 6:39 AM, Mark Wielaard wrote:
> Hi Carlos,
>
> On Tue, Oct 29, 2024 at 06:02:03PM -0400, Carlos O'Donell via Gcc wrote:
>> Recent discussions on the glibc mailing list make it clear
>> that we need to expand and discuss more about our "why" along with
>> the "what" and "how" of these c
Hi Carlos,
On Tue, Oct 29, 2024 at 06:02:03PM -0400, Carlos O'Donell via Gcc wrote:
> Recent discussions on the glibc mailing list make it clear
> that we need to expand and discuss more about our "why" along with
> the "what" and "how" of these changes.
Zoe wrote a good summary of that discussio
Core Toolchain Infrastructure - October 2024 update
The Core Toolchain Infrastructure (CTI) Project’s mission is to support
the GNU Toolchain community with secure infrastructure and state of the
art services required to support the community’s development efforts to
be a trusted foundation in a
