Maintainers are responsible for day-to-day operation of the project. Every pull request in this repository must be approved by at least one Maintainer, as per CONTRIBUTING.md.
This file contains the canonical list of SLSA Specification Maintainers. It is manually mirrored to the Specification Maintainers GitHub team, which confers permissions in this repository.
| Name | OpenSSF Slack | GitHub | Affiliation | |
|---|---|---|---|---|
| Andrew McNamara | [email protected] | @arewm | arewm | Red Hat |
| Arnaud Le Hors | [email protected] | @Arnaud Le Hors | lehors | IBM |
| Joshua Lock | [email protected] | @Joshua Lock | joshuagl | Verizon |
| Marcela Melara | [email protected] | @Marcela Melara | marcelamelara | Intel |
| Mark Lodato | [email protected] | @Mark Lodato | MarkLodato | |
| Michael Lieberman | [email protected] | @Michael Lieberman | mlieberman85 | Kusari |
| Tom Hennen | [email protected] | @Tom Hennen | TomHennen | |
| Trishank Karthik Kuppusamy | [email protected] | @trishank | trishankatdatadog | Datadog |
| Zachariah Cox | [email protected] | @zachariahcox | zachariahcox | GitHub |
The criteria for becoming a Maintainer is documented in the SLSA Governance repository and copied here for convenience:
- Demonstrated track record of PR reviews (both quality and quantity of reviews)
- Demonstrated thought leadership in the project
- Demonstrated shepherding of project work and contributors
The best way to get started is to regularly contribute and review pull requests.
To nominate a candidate, send a PR adding the candidate's name to the list of Current Maintainers. If the candidate is not the author, have the candidate approve the PR as well.
Once the PR is approved and merged, an existing Maintainer will add the candidate to the Specification Maintainers GitHub team.
| Name | OpenSSF Slack | GitHub | Affiliation | |
|---|---|---|---|---|
| Kris K | [email protected] | @Kris K | kpk47 |
The criteria for removing a Maintainer is documented in the SLSA Governance repository.
To remove Maintainer, send a PR to move the candidate from Current Maintainers to Retired Maintainers. If the candidate is not the author, request review from the candidate to inform them of their removal. Approval from the candidate is not required, though it is desirable.
Once the PR is approved and merged, a Maintainer will remove the person from the Specification Maintainers GitHub team.