Based on @mickael’s (@emkll on GitHub) contributions thus far, I think he should become a SecureDrop maintainer. He’s a security engineer at FPF and has been doing an excellent job on the SecureDrop threat model rewrite (shared with all maintainers for feedback). In terms of development, he’s made significant contributions, including fixing a tricky .desktop Tails bug, several improvements to the much-in-need-of-love OSSEC ruleset, and careful QA and fixes during the 0.5.x release series.
Please share any concerns here or privately if you prefer. Else feel free to
I share @redshiftzero positive opinion and more. He was very helpful, explaining concepts that were unknown to me, in gitter, the forum and in private. He was also agreeable to changes suggested when reviewing his pull requests and reacted promptly, allowing for a quick merge.
My only concern would be that @mickael did not yet do a significant amount of reviews. If he was a volunteer contributor I would suggest him to wait until he gains more experience in this area. However, @mickael being an employee of FPF I’m confident that he will have time to learn the review best practices and there is no need to delay.
Yes! Great suggestion, @redshiftzero. As has already been mentioned here, @mickael is meticulous in comments on GitHub, and lends a lot of clarity to discussions. @dachary brings up a good point that @mickael hasn’t yet reviewed a ton of PR, but that should change with the maintainer status. The lot of us will remain in the mix, and I welcome more feedback about the review process.