[llvm] docs: Add an incident response guide (PR #133567)
Vlad Serebrennikov via llvm-commits
llvm-commits at lists.llvm.org
Sat Mar 29 11:06:21 PDT 2025
================
@@ -0,0 +1,87 @@
+============================
+LLVM Incident Response Guide
+============================
+
+Purpose
+=======
+
+The purpose of this document is to outline how a project administrator should respond to
+malicious or unwanted content that appears on LLVM infrastructure. This includes but
+is not limited to: malicious code checked into the GitHub repository, unauthorized access
+to LLVM controlled servers, or compromise of community owned resources like buildbots
+or GitHub Actions runners.
+
+General Principles
+==================
+
+We trust our project administrators to use good judgement when responding to an incident,
+so we want to avoid creating regulations or rules that will slow down or limit their ability to
+quickly resolve it. However, we do want to provide some general guidelines for admins
+to follow during an incident, mainly to ensure that the problem and the steps taken to
+resolve it are being communicated effectively. Here is a checklist admins should follow
----------------
Endilll wrote:
```suggestion
resolve it are being communicated effectively. Here is a checklist admins should follow
```
https://github.com/llvm/llvm-project/pull/133567
More information about the llvm-commits
mailing list