Discuss possible changes to reaction rotation for composition analysis
Problem to solve
Reaction rotation (https://about.gitlab.com/handbook/engineering/development/secure/composition-analysis/#reaction-rotation) covers a lot of things:
- support requests on Slack
- triage vulns on all our projects
- community contributions
- bug triage
- infradev triage
I also want to add the following responsibilities:
- checking for new versions of languages or package managers that we support, or deprecation / removal of support for the same
- checking for new versions / patches of our OSes
- checking for new versions of our external tools (this is maybe automated for some?)
- checking in on test failures
Proposal
I think putting this all on one person is way too much.
What other ways could we approach this so it always is done - but is perhaps spread out among multiple people?
Edited by Nicole Schwartz