Merge pull request cncf#610 from cncf/security-process-at-incubation

Add requirement for documented security processes
git19112019 · Apr 14, 2021 · f01a4fa · f01a4fa
2 parents f1f1c23 + 355b845
commit f01a4fa
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/process/graduation_criteria.adoc b/process/graduation_criteria.adoc
@@ -29,6 +29,7 @@ To be accepted to incubating stage, a project must meet the sandbox stage requir
  * Demonstrate a substantial ongoing flow of commits and merged contributions.
  * Since these metrics can vary significantly depending on the type, scope and size of a project, the TOC has final judgement over the level of activity that is adequate to meet these criteria
  * A clear versioning scheme.
+ * Clearly documented security processes explaining how to report security issues to the project, and describing how the project provides updated releases or patches to resolve security vulnerabilities 
  * Specifications must have at least one public reference implementation.
 
 === Graduation Stage