Maintainers are responsible for day-to-day operation of the project. Every pull request in this repository must be approved by at least one Maintainer, as per CONTRIBUTING.md.
This file contains the canonical list of SLSA Specification Maintainers. It is manually mirrored to the Specification Maintainers GitHub team, which confers permissions in this repository.
| Name | OpenSSF Slack | GitHub | Affiliation | |
|---|---|---|---|---|
| Andrew McNamara | arewm@redhat.com | @arewm | arewm | Red Hat |
| Arnaud Le Hors | lehors@us.ibm.com | @Arnaud Le Hors | lehors | IBM |
| Joshua Lock | joshuagloe@gmail.com | @Joshua Lock | joshuagl | Verizon |
| Kris K | kkris@google.com | @Kris K | kpk47 | |
| Marcela Melara | marcela.melara@intel.com | @Marcela Melara | marcelamelara | Intel |
| Mark Lodato | lodato@google.com | @Mark Lodato | MarkLodato | |
| Michael Lieberman | mlieberman85@gmail.com | @Michael Lieberman | mlieberman85 | Kusari |
| Tom Hennen | tomhennen@google.com | @Tom Hennen | TomHennen |
The criteria for becoming a Maintainer is documented in the SLSA Governance repository and copied here for convenience:
- Demonstrated track record of PR reviews (both quality and quantity of reviews)
- Demonstrated thought leadership in the project
- Demonstrated shepherding of project work and contributors
The best way to get started is to regularly contribute and review pull requests.
To nominate a candidate, send a PR adding the candidate's name to the list of Current Maintainers. If the candidate is not the author, have the candidate approve the PR as well.
Once the PR is approved and merged, an existing Maintainer will add the candidate to the Specification Maintainers GitHub team.
| Name | OpenSSF Slack | GitHub | Affiliation |
|---|
The criteria for removing a Maintainer is documented in the SLSA Governance repository.
To remove Maintainer, send a PR to move the candidate from Current Maintainers to Retired Maintainers. If the candidate is not the author, request review from the candidate to inform them of their removal. Approval from the candidate is not required, though it is desirable.
Once the PR is approved and merged, a Maintainer will remove the person from the Specification Maintainers GitHub team.