Account confirmers, Anti-spam team, Bureaucrats, canmove, Confirmed users, Module owners and peers, smwadministrator, smwcurator, Administrators, MozillaWiki team, Widget editors
8,158
edits
GitHub/Repository Security: Difference between revisions
Changed source lang:"markdown" to "source lang:"markdown"" in two places (to see if it fixes detected syntax error
(Changed "source lang:markdown" to "source lang:"markdown"" in two places (to see if it fixes detected syntax error) |
(Changed source lang:"markdown" to "source lang:"markdown"" in two places (to see if it fixes detected syntax error) |
||
| Line 39: | Line 39: | ||
== Membership == | == Membership == | ||
<source lang | <source lang="markdown"> | ||
- [ ] All GitHub accounts granted specific access to a sensitive repository need to have a current email contact address recorded in a Mozilla system. (GitHub does not provide this feature.) For staff, that should be done in the "Github Username" field of their phonebook record, for others GitHub should be added as a "Profile Identity" in their Mozillians record, and their login added to the "Bio" section. | - [ ] All GitHub accounts granted specific access to a sensitive repository need to have a current email contact address recorded in a Mozilla system. (GitHub does not provide this feature.) For staff, that should be done in the "Github Username" field of their phonebook record, for others GitHub should be added as a "Profile Identity" in their Mozillians record, and their login added to the "Bio" section. | ||
- [ ] All GitHub accounts must use 2FA | - [ ] All GitHub accounts must use 2FA | ||
| Line 46: | Line 46: | ||
== Repository == | == Repository == | ||
<source lang | <source lang="markdown"> | ||
- [ ] Sensitive repositories should only be hosted in a GitHub organization operated by Mozilla staff. | - [ ] Sensitive repositories should only be hosted in a GitHub organization operated by Mozilla staff. | ||
- [ ] The hosting organization should have 2FA set as a requirement. | - [ ] The hosting organization should have 2FA set as a requirement. | ||