argo-helm/SECURITY-INSIGHTS.yml

header:
  schema-version: '1.0.0'
  expiration-date: '2024-11-04T10:00:00.000Z'
  project-url: https://github.com/argoproj/argo-helm
project-lifecycle:
  status: active
  bug-fixes-only: false
  core-maintainers:
  - https://github.com/mkilchhofer
  - https://github.com/jmeridth
contribution-policy:
  accepts-pull-requests: true
  accepts-automated-pull-requests: true
  automated-tools-list:
    - automated-tool: dependabot
      action: allowed
      path:
        - /
  contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md
  code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
distribution-points:
  - https://argoproj.github.io/argo-helm
  - https://artifacthub.io/packages/search?org=argoproj&repo=argo
security-contacts:
  - type: website
    value: https://github.com/argoproj/argo-helm/security/advisories/new
    primary: true
vulnerability-reporting:
  accepts-vulnerability-reports: true
  email-contact: cncf-argo-maintainers@lists.cncf.io
  security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
  comment: |
    Our preferred contact method related to vulnerabilities is the Security tab on GitHub.
    Click the button "Report a vulnerability" to open the advisory form.
    Please refer to the security policy for reporting information prior to using the email contact.
dependencies:
  env-dependencies-policy:
    policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions
chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight <knight@linux.com> * Added license scanning exepmtion Signed-off-by: Eddie Knight <knight@linux.com> * Added best practices badge to README Signed-off-by: Eddie Knight <knight@linux.com> --------- Signed-off-by: Eddie Knight <knight@linux.com> Co-authored-by: Jason Meridth <jmeridth@gmail.com> 2023-11-06 15:10:35 +00:00			`header:`
			`schema-version: '1.0.0'`
			`expiration-date: '2024-11-04T10:00:00.000Z'`
			`project-url: https://github.com/argoproj/argo-helm`
			`project-lifecycle:`
			`status: active`
			`bug-fixes-only: false`
			`core-maintainers:`
			`- https://github.com/mkilchhofer`
			`- https://github.com/jmeridth`
			`contribution-policy:`
			`accepts-pull-requests: true`
			`accepts-automated-pull-requests: true`
chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356) 2023-11-27 06:30:08 +00:00			`automated-tools-list:`
			`- automated-tool: dependabot`
			`action: allowed`
			`path:`
			`- /`
			`contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md`
			`code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md`
chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight <knight@linux.com> * Added license scanning exepmtion Signed-off-by: Eddie Knight <knight@linux.com> * Added best practices badge to README Signed-off-by: Eddie Knight <knight@linux.com> --------- Signed-off-by: Eddie Knight <knight@linux.com> Co-authored-by: Jason Meridth <jmeridth@gmail.com> 2023-11-06 15:10:35 +00:00			`distribution-points:`
chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356) 2023-11-27 06:30:08 +00:00			`- https://argoproj.github.io/argo-helm`
			`- https://artifacthub.io/packages/search?org=argoproj&repo=argo`
			`security-contacts:`
			`- type: website`
			`value: https://github.com/argoproj/argo-helm/security/advisories/new`
			`primary: true`
chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight <knight@linux.com> * Added license scanning exepmtion Signed-off-by: Eddie Knight <knight@linux.com> * Added best practices badge to README Signed-off-by: Eddie Knight <knight@linux.com> --------- Signed-off-by: Eddie Knight <knight@linux.com> Co-authored-by: Jason Meridth <jmeridth@gmail.com> 2023-11-06 15:10:35 +00:00			`vulnerability-reporting:`
			`accepts-vulnerability-reports: true`
			`email-contact: cncf-argo-maintainers@lists.cncf.io`
			`security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md`
chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356) 2023-11-27 06:30:08 +00:00			`comment: \|`
			`Our preferred contact method related to vulnerabilities is the Security tab on GitHub.`
			`Click the button "Report a vulnerability" to open the advisory form.`
			`Please refer to the security policy for reporting information prior to using the email contact.`
chore(github): Updated security documentation and CLOMonitor exemptions (#2333) * Updated security documentation and CLOMonitor exemptions Signed-off-by: Eddie Knight <knight@linux.com> * Added license scanning exepmtion Signed-off-by: Eddie Knight <knight@linux.com> * Added best practices badge to README Signed-off-by: Eddie Knight <knight@linux.com> --------- Signed-off-by: Eddie Knight <knight@linux.com> Co-authored-by: Jason Meridth <jmeridth@gmail.com> 2023-11-06 15:10:35 +00:00			`dependencies:`
			`env-dependencies-policy:`
			`policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions`