Update docs to reflect sheriff/marshal -> shepherd name change.
This change renames sheriff.md and clusterfuzz-for-sheriffs.md to
shepherd.md and clusterfuzz-for-shepherds.md to reflect the change
to the triage rotation name.
This change also replaces all uses of sheriff/marshal with
primary/secondary shepherd where relevant, and updates doc links to
point to the renamed docs.
Change-Id: Ibc823e6fcbaa4f1b663e1f8bb755fc6f1e4918fe
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4493931
Reviewed-by: danakj <[email protected]>
Commit-Queue: Liza Burakova <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1137862}
diff --git a/docs/security/clusterfuzz-for-sheriffs.md b/docs/security/clusterfuzz-for-shepherds.md
similarity index 95%
rename from docs/security/clusterfuzz-for-sheriffs.md
rename to docs/security/clusterfuzz-for-shepherds.md
index ec0ba53..ae9c989 100644
--- a/docs/security/clusterfuzz-for-sheriffs.md
+++ b/docs/security/clusterfuzz-for-shepherds.md
@@ -1,8 +1,8 @@
-# Security Sheriff ClusterFuzz instructions
+# Security Shepherd ClusterFuzz instructions
[TOC]
-This page has instructions for [Security Sheriffs](sheriff.md) in how best to use
+This page has instructions for [Security Shepherds](shepherd.md) in how best to use
[ClusterFuzz](https://clusterfuzz.com) to reproduce and label bugs.
## Basics
diff --git a/docs/security/life-of-a-security-issue.md b/docs/security/life-of-a-security-issue.md
index 4f8b6564d..d532a2b 100644
--- a/docs/security/life-of-a-security-issue.md
+++ b/docs/security/life-of-a-security-issue.md
@@ -56,8 +56,8 @@
## 2. Triage bug
-After the bug is filed, a [security sheriff](sheriff.md) will evaluate the
-report. The sheriff does several tasks:
+After the bug is filed, a [security shepherd](shepherd.md) will evaluate the
+report. The shepherd does several tasks:
- Validate that the bug reproduces
- Searching for any duplicate reports
@@ -68,7 +68,7 @@
## 3. Assign bug
-The primary job of the sheriff is to route valid and actionable reports of
+The primary job of the shepherd is to route valid and actionable reports of
security bugs to the Chromium developer who is best poised to fix the issue.
After the issue is assigned, there may be discussion between the developer(s)
@@ -94,7 +94,7 @@
When the bug moves into the *Fixed* state, the security team's automation
systems begin processing the bug report. In particular, the tools will add
[merge request](../process/merge_request.md) labels, based on the severity and
-impact assessed by the sheriff during triage.
+impact assessed by the shepherd during triage.
## 6. Assess for backports
diff --git a/docs/security/security-issue-guide-for-devs.md b/docs/security/security-issue-guide-for-devs.md
index 7488060..7d27e82 100644
--- a/docs/security/security-issue-guide-for-devs.md
+++ b/docs/security/security-issue-guide-for-devs.md
@@ -18,20 +18,20 @@
## 1. Understand why you were Assigned
All incoming security bugs are analyzed and triaged by the current [security
-sheriff](sheriff.md). If you have been assigned a security bug, it is because
-the sheriff thinks you are the responsible owner for the code in question. The
-sheriff assigned you the bug because either:
+shepherd](shepherd.md). If you have been assigned a security bug, it is because
+the shepherd thinks you are the responsible owner for the code in question. The
+shepherd assigned you the bug because either:
-1. They have verified the bug is valid and the sheriff expects you to fix it
+1. They have verified the bug is valid and the shepherd expects you to fix it
2. There is a technical question that needs to be answered before the bug can be
fully triaged
In either case, if you are not the correct owner, please suggest a more
appropriate person and re-assign it to that person. Or, if you do not know the
correct owner, set the bug’s status back to **Untriaged**, so that it reenters
-the sheriff’s queue.
+the shepherd’s queue.
-In the case where the sheriff is asking you technical questions, they will
+In the case where the shepherd is asking you technical questions, they will
further triage the bug after considering your responses.
Security bugs are also view-restricted until after the fix is released to users.
@@ -41,13 +41,13 @@
## 2. Participate in the discussion
Some bugs involve discussion with the reporter and/or members of the security
-team. For example, the issue may be in a feature or system that the sheriff is
+team. For example, the issue may be in a feature or system that the shepherd is
not well-equipped to reproduce, and they may ask you for help in determining if
-the bug is valid. The sheriff may also try to determine if the bug is mitigated,
+the bug is valid. The shepherd may also try to determine if the bug is mitigated,
meaning that the security impact is smaller or greater than described by the
reporter. As the developer, you may have questions about certain preconditions
assumed by the reporter. We encourage you to interact with the reporter and the
-sheriff, directly in the bug tracker, as much as you need in order to identify
+shepherd, directly in the bug tracker, as much as you need in order to identify
and fix the issue.
Please do _not_ adjust any of the [security labels](security-labels.md) on the
@@ -59,7 +59,7 @@
## 3. Fix the bug
This is the normal part of the job! Write a fix and a regression test, upload
-the CL, and get it reviewed by the appropriate code owner. The sheriff who
+the CL, and get it reviewed by the appropriate code owner. The shepherd who
assigned you the bug does not need to be included on the CL. Once the CL has
landed, please [_immediately_ mark the bug as
**Fixed**](https://groups.google.com/a/chromium.org/g/chromium-dev/c/JNJdU-dnjTk/m/4jXI96pdAgAJ).
diff --git a/docs/security/sheriff.md b/docs/security/shepherd.md
similarity index 92%
rename from docs/security/sheriff.md
rename to docs/security/shepherd.md
index a46b495a..170a979c 100644
--- a/docs/security/sheriff.md
+++ b/docs/security/shepherd.md
@@ -1,4 +1,4 @@
-# Security Sheriff
+# Security Shepherd
[TOC]
@@ -11,11 +11,11 @@
[Security Labels](security-labels.md).
-[Current Sheriffs](http://go/whos-the-sheriff).
+[Current Shepherds](http://go/whos-the-shepherd).
-[Sheriff Handoff Log](http://go/chrome-security-sheriff-handoff).
+[Shepherd Handoff Log](http://go/chrome-security-shepherd-handoff).
-You might also like the [HOWTO: Be A Security Sheriff
+You might also like the [HOWTO: Be A Security Shepherd
deck](https://docs.google.com/presentation/d/1eISJXxyv7dUCGUKk_rvUI9t9s2xb98QY4d_-dZSa7Wg/edit#slide=id.p).
The [Chrome Security FAQ](faq.md), [Extensions Security
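Review bot: the go/ targets behind "Current Shepherds" and "Shepherd Handoff Log" change along with the link text (go/whos-the-shepherd, go/chrome-security-shepherd-handoff), and nothing in the diff can show that those short links exist. Please confirm they have been created, or that the old ones redirect, before this lands. The same check applies to the goto.google.com/...-for-chrome-shepherds links changed further down in this file.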
@@ -24,18 +24,18 @@
security and what is or is not considered a security bug. When triaging new
bugs, you may want to reference these to see if there's an established stance.
-## What Is A Security Sheriff Or Marshal?
+## What Is A Security Shepherd?
-A security sheriff (as well as a security marshal) is a member of a rotation
+A security shepherd is a member of a rotation
that occurs in 1-week time slots, starting on Tuesdays and ending the following
-Monday. All sheriffs and marshals are Googlers and so some links on this page
-might not be externally accessible (or indeed locked down to just Chrome
-Security Googlers).
+Monday. There is a primary and secondary shepherd on each rotation. All
+shepherds are Googlers and so some links on this page might not be externally
+accessible (or indeed locked down to just Chrome Security Googlers).
[Here is the rotation
schedule](https://docs.google.com/spreadsheets/d/10sLYZbi6QfLcXrhO-j5eSc82uc7NKnBz_o1pR9y8h7U/edit#gid=0).
-Sheriffs and marshals ensure that all incoming security issues are triaged
+Shepherds ensure that all incoming security issues are triaged
quickly and correctly. We aim to have every bug triaged and assigned **within
two business days** (preferably one). This does not include weekends, but please
ensure you leave a clear queue before the weekend (i.e. on Friday, unless there
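Review bot: renaming the heading "What Is A Security Sheriff Or Marshal?" to "What Is A Security Shepherd?" also changes the anchor generated from it, so any deep link to the old section anchor stops resolving. The commit message only mentions updating links to the renamed files; please search for links to the old heading anchors as well. Minor: "A security shepherd is a member of a rotation" is now a short line and the paragraph could be rewrapped.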
@@ -43,19 +43,19 @@
unless there is a holiday).
-## When Am I The Security Sheriff Or Marshal?
+## When Am I The Primary or Secondary Shepherd?
You should get a calendar invite. Please accept it to acknowledge. If you need
to swap shifts, ask around for a volunteer and then just update the
[rotation sheet](https://docs.google.com/spreadsheets/d/10sLYZbi6QfLcXrhO-j5eSc82uc7NKnBz_o1pR9y8h7U/edit#gid=0)
and wait 10 minutes for the calendar invites to be updated.
-## I'm The Security Sheriff Or Marshal. What Do I Do?
+## I'm The Security Primary or Secondary Shepherd. What Do I Do?
-Each week has a sheriff and marshal, and during their rotation both have
+Each week has a primary and secondary, and during their rotation both have
various important responsibilities:
-### Sheriff
+### Primary Shepherd
* Look at every incoming security bug report on the
[dashboard](http://go/chrome-security-bugs). Ensure each is accurately
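Review bot: the two new headings are worded inconsistently with the rest of the file. "When Am I The Primary or Secondary Shepherd?" lowercases "or" where every other heading uses title case, and "I'm The Security Primary or Secondary Shepherd" puts "Security" in an odd position; "I'm The Primary Or Secondary Security Shepherd. What Do I Do?" reads better. In the body, "Each week has a primary and secondary" drops the noun; suggest "a primary and a secondary shepherd".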
@@ -63,45 +63,45 @@
* Don't forget to fully triage the low severity bugs. Once a bug is labeled with
`Security_Severity-Low `, it disappears from the first sheet and may slip
under your radar.
-* Keep the [Sheriff Handoff Log](http://go/chrome-security-sheriff-handoff) up
+* Keep the [Shepherd Handoff Log](http://go/chrome-security-shepherd-handoff) up
to date.
* Shout for help if the incoming bug rate is too high ([suggested vocal
exercises](https://youtu.be/5y_SbnPx_cE?t=37s)). The first person to ask is
- the marshal.
+ the secondary.
* Make sure all **new bug reports** are triaged completely. That means no red
cells on the top of the dashboard. Double-check that OS flags are set
properly. For most of the bugs, typically more than one OS is affected, but
the dashboard will not highlight it in red.
* Stay sharp, keep in shape ([hand-stand
pushups](https://www.youtube.com/watch?v=jZ1ZDlLImF8#t=50) are standard for
- the sheriff), and remember you may be [called upon during
+ the primary shepherd), and remember you may be [called upon during
emergencies](https://www.youtube.com/watch?v=buHaKYL9Jhg).
-### Marshal
+### Secondary Shepherd
* Ensure that all incoming queries to the
[[email protected]](https://groups.google.com/a/chromium.org/forum/#!forum/security),
[[email protected]](https://groups.google.com/a/chromium.org/forum/#!forum/security-dev),
and
[[email protected]](https://groups.google.com/a/google.com/forum/#!forum/chrome-security)
- lists get a reply (by someone; not necessarily the marshal themselves). See
+ lists get a reply (by someone; not necessarily the secondary themselves). See
[go/chrome-security-emails](https://goto.google.com/chrome-security-emails)
for a dashboard.
* Note: external emails will always come in on [email protected] or
[email protected], as [email protected] is a Google-only
list, but all need to be triaged.
* When triaging an email to be handled off of the list, make sure to bcc: the
- list that it arrived on, so that other people including future marshals can
+ list that it arrived on, so that other people including future secondaries can
see that it has been handled.
* Some of these emails are requests for inclusion of third party code.
- By the time you hand over to the next Marshal, please
+ By the time you hand over to the next Secondary, please
ensure these are either completed or have been acknowledged by some other
owner. If not, you may need to do them yourself. Please see
[How to do Chrome Third-Party Security Reviews](https://goto.google.com/how-to-do-chrome-third-party-security-reviews)
for hints.
* Look at the open security bug reports and check that progress is occurring.
This does not apply to the **new bug reports** (these are handled by the
- sheriff). The rule of thumb is *if there is any red cell on the dashboard, it
+ primary shepherd). The rule of thumb is *if there is any red cell on the dashboard, it
needs your attention*: that especially includes the "last updated" column.
(Our [severity guidelines](severity-guidelines.md) contain the expected duration
for shipping fixes, but remember, to get a fix to all users in - say - 60
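Review bot: the role names in this hunk are not used consistently. The added lines use "the secondary", "future secondaries" and a capitalized "the next Secondary", while the first role is written out as "primary shepherd". Pick one form (for example "secondary shepherd" throughout, lowercase in running text) so readers can search for it. Also, the line "primary shepherd). The rule of thumb is *if there is any red cell on the dashboard, it" now runs past the 80 columns the surrounding text wraps at and should be rewrapped.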
@@ -109,7 +109,7 @@
Hints:
* Don't just add a comment to the bug: sometimes they can disappear into spam.
(Although a hand-crafted, meaningful comment can be effective).
- * Contact via chat or e-mail (ideally, also comment on the bug so other marshals
+ * Contact via chat or e-mail (ideally, also comment on the bug so other secondaries
can see you did so).
* CC more people!
* Think about what you can do to unblock the bug. What would _you_ do next?
@@ -122,9 +122,9 @@
thumb, perhaps expect to spend a solid ten hours progressing bugs during
your shift.
* Use the 'last updated' column to avoid duplicating the work of the previous
- marshal.
+ secondary.
* Stay sharp, keep in shape ([finger
- exercises](https://youtu.be/20elMaVZ9lg?t=47s) are standard for the marshal),
+ exercises](https://youtu.be/20elMaVZ9lg?t=47s) are standard for the secondary),
and remember you may be called upon during emergencies.
## Life Of A Security Bug
@@ -194,7 +194,7 @@
#### Step 1. Reproduce legitimate-sounding issues.
-Ideally, sheriffs should reproduce each bug before triaging, but being efficient
+Ideally, primary shepherds should reproduce each bug before triaging, but being efficient
is also important. It's fine to delegate reproducing bugs in the following
cases:
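Review bot: the replaced line "Ideally, primary shepherds should reproduce each bug before triaging, but being efficient" is well over the 80 columns the neighbouring lines wrap at. Please rewrap the paragraph rather than substituting the word in place; the same applies to the other added lines in this file that grew after the substitution.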
@@ -232,7 +232,7 @@
Note that **even when you are handing off triage to another team or point of
contact**, it is your responsibility to ensure that the `Security_Severity` and
`FoundIn` fields are set as soon as possible (and definitely before the end of
-your sheriffing shift). Work with your point of contact to set these. For
+your shepherding shift). Work with your point of contact to set these. For
instance, you may want to set initial/provisional values for these fields and
ask them whether it matches their understanding.
@@ -242,15 +242,15 @@
on your local machine if you're completely certain that you understand
100% of the test case. If not, use a disposable virtual machine. If you're
inside Google, a good way to do this is using
- [Redshell](https://goto.google.com/redshell-for-chrome-sheriffs).
+ [Redshell](https://goto.google.com/redshell-for-chrome-shepherds).
* For any sort of a crash, CHECK/DCHECK or memory safety problem
- [use ClusterFuzz](clusterfuzz-for-sheriffs.md). As well as reproducing bugs,
+ [use ClusterFuzz](clusterfuzz-for-shepherds.md). As well as reproducing bugs,
ClusterFuzz will help you with lots of subsequent bisection and labelling
tasks. Currently ClusterFuzz cannot guard against malicious test cases,
so be just as paranoid as if you were running a test case locally.
* [Instructions for using an Android emulator can be found
here](/docs/android_emulator.md). If you're inside Google, we have a
- [guide for testing using Google infrastructure](https://goto.google.com/android-for-chrome-sheriffs).
+ [guide for testing using Google infrastructure](https://goto.google.com/android-for-chrome-shepherds).
* When you can't just build from a specific branch locally, check out
[https://dev.chromium.org/getting-involved/dev-channel](https://dev.chromium.org/getting-involved/dev-channel)
or
@@ -347,8 +347,8 @@
closed, add **Restrict-View-SecurityEmbargo**. This should be done if the
reporter wishes to remain anonymous, if the description or comments contain
PII, or if the bug contains malware samples.
-* **Security_Severity** - your responsibility as Sheriff.
-* **FoundIn** - your responsibility as Sheriff.
+* **Security_Severity** - your responsibility as Shepherd.
+* **FoundIn** - your responsibility as Shepherd.
* **reward_to** - if the bug was filed internally on behalf of somebody
external (for instance, a @chromium.org email reporting "I'm filing this on
behalf of" and the like). This is also very important; please check.
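Review bot: "your responsibility as Shepherd" on the Security_Severity and FoundIn bullets no longer says which role is meant. The old text said "Sheriff", which this change maps to the primary shepherd elsewhere in the file, and the rotation now has two shepherds. Suggest "your responsibility as primary shepherd" on both bullets so the secondary does not assume these fields are shared work.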
@@ -391,7 +391,7 @@
### Find An Owner To Fix The Bug
That owner can be you! Otherwise, this is one of the more grey areas of
-sheriffing. With experience, you'll figure out good goto people for certain
+shepherding. With experience, you'll figure out good goto people for certain
areas. Until then, here are some tips.
**Determine the correct component before continuing.** It's not enough on its
@@ -439,7 +439,7 @@
fixed.** Check the stale bug list on the security dashboard and try resolve
some of the problems that might be blocking these issues. If you get in touch
with a bug owner off of the issue tracker, be sure to have them update the bug
-so that future sheriffs are aware of the status.
+so that future shepherds are aware of the status.
> Q: Why isn’t setting the component alone good enough?
>
@@ -461,4 +461,4 @@
## End Of Rotation
-Update the [Sheriff Handoff Log](http://go/chrome-security-sheriff-handoff).
+Update the [Shepherd Handoff Log](http://go/chrome-security-shepherd-handoff).