Replace k/security with k/committee-security-response in k/community/sig-security (#6008)

PushkarJ · web-flow · commit 9d0457158079 · 2021-09-24T16:10:21.000-07:00
* Replace k/security with k/committee-security-response

Minor updates from PSC to SRC

* Updated references from master to main branch
diff --git a/committee-security-response/README.md b/committee-security-response/README.md
@@ -30,10 +30,10 @@ The Kubernetes Security Response Committee is the body that is responsible for r
 ## Subprojects
 
 The following [subprojects][subproject-definition] are owned by the Security Response Committee:
-### security
+### committee-security-response
 Policies and documentation for the Security Response Committee
 - **Owners:**
-  - [kubernetes/security](https://github.com/kubernetes/security/blob/master/OWNERS)
+  - [kubernetes/committee-security-response](https://github.com/kubernetes/committee-security-response/blob/main/OWNERS)
 
 [subproject-definition]: https://github.com/kubernetes/community/blob/master/governance.md#subprojects
 <!-- BEGIN CUSTOM CONTENT -->
diff --git a/sig-security/charter.md b/sig-security/charter.md
@@ -14,7 +14,7 @@ SIG Security continues to manage the third-party security audits, while serving
 
 #### Vulnerability Management Process
 
-Work with the Kubernetes [Product Security Committee (PSC)](https://github.com/kubernetes/security#product-security-committee-psc) to define the processes for fixing and disclosing vulnerabilities, as outlined in https://github.com/kubernetes/security. For example:
+Work with the Kubernetes [Security Response Committee (SRC)](https://github.com/kubernetes/committee-security-response#security-response-committee-src) to define the processes for fixing and disclosing vulnerabilities, as outlined in https://github.com/kubernetes/committee-security-response. For example:
 
 - When the private fix & release process is invoked
 - How vulnerabilities are rated
diff --git a/sig-security/sig-security-external-audit/README.md b/sig-security/sig-security-external-audit/README.md
@@ -5,8 +5,8 @@
 The SIG Security External Audit subproject (subproject, henceforth) is responsible for coordinating regular, 
 comprehensive, third-party security audits.
 The subproject publishes the deliverables of the audit after abiding to the 
-[Security Release Process](https://github.com/kubernetes/security/blob/master/security-release-process.md) and 
-[embargo policy](https://github.com/kubernetes/security/blob/master/private-distributors-list.md#embargo-policy).
+[Security Release Process](https://github.com/kubernetes/committee-security-response/blob/main/security-release-process.md) and 
+[embargo policy](https://github.com/kubernetes/committee-security-response/blob/main/private-distributors-list.md#embargo-policy).
 
   - [Request for Proposal (RFP)](#rfp)
     - [Security Audit Scope](#security-audit-scope)
@@ -53,8 +53,8 @@ The question period is typically open between the RFP's opening date and closing
 Proposals are reviewed by the subproject proposal reviewers after the RFP closing date. An understanding of security audits is required to be a proposal reviewer.
 
 All proposal reviewers must agree to abide by the 
-**[Security Release Process](https://github.com/kubernetes/security/blob/master/security-release-process.md)**, 
-**[embargo policy](https://github.com/kubernetes/security/blob/master/private-distributors-list.md#embargo-policy)**, 
+**[Security Release Process](https://github.com/kubernetes/committee-security-response/blob/main/security-release-process.md)**, 
+**[embargo policy](https://github.com/kubernetes/committee-security-response/blob/main/private-distributors-list.md#embargo-policy)**, 
 and have no [conflict of interest](#conflict-of-interest) the tracking issue. 
 This is done by placing a comment on the issue associated with the security audit. 
 e.g. `I agree to abide by the guidelines set forth in the Security Release Process, specifically the embargo on CVE 
diff --git a/sigs.yaml b/sigs.yaml
@@ -3234,10 +3234,10 @@ committees:
     - name: security-response-committee
       description: General Discussion
   subprojects:
-  - name: security
+  - name: committee-security-response
     description: Policies and documentation for the Security Response Committee
     owners:
-    - https://raw.githubusercontent.com/kubernetes/security/master/OWNERS
+    - https://raw.githubusercontent.com/kubernetes/committee-security-response/main/OWNERS
 - dir: committee-steering
   name: Steering
   mission_statement: >
