We make it easy for you to keep everyone safe
The Backdrop Security team consists of trusted members of the backdrop-contrib group who have security experience.
Our mission includes:
- to take the burden of project maintainership off of single individuals, and making it a responsibility of the community to step in when needed
- to improve the overall security of contributed projects by having multiple people capable of keeping everything up to date
Our responsibilities include:
- Responding to all contact via the security@backdropcms.org email address.
- Handling reports of potential new security issues.
- Communication with the reporter.
- Testing of potential vulnerabilities
- Fixing of actual vulnerabilities
- Managing security releases for existing Backdrop contrib projects.
- Communication with the project maintainer.
- Assist with fixes when requested.
- Updates to project notes on backdropcms.org
- Handling reports of potential new security issues.
- Collaborating with the Drupal security team on core issues that affect both projects.
- Following Drupal conrib security releases, and notifying Backdrop maintainers.
- When Backdrop maintainers are unavailable, creating security releases.
- Coordinating security releases for both core and contrib.
You may apply to become a member of the Backdrop Security Team by creating an issue in the contrib queue. GitHub members can view a list of people on the Security team.