argoproj
/
argo-helm
mirror of https://github.com/argoproj/argo-helm.git
1
0
Fork 1
Code Issues Packages Projects Releases Wiki Activity

chore(github): Update SECURITY-INSIGHTS.yml to include security-contacts (#2356)

pull/2354/head^2
Marco Maurer (-Kilchhofer) 2023-11-27 07:30:08 +01:00 committed by GitHub
parent c183652889
commit 7f95a5f9f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 17 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
SECURITY-INSIGHTS.yml
View File

@ -11,13 +11,28 @@ project-lifecycle:
contribution-policy:
accepts-pull-requests: true
accepts-automated-pull-requests: true
automated-tools-list:
- automated-tool: dependabot
action: allowed
path:
- /
contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md
code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
distribution-points:
- https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
- https://argoproj.github.io/argo-helm
- https://artifacthub.io/packages/search?org=argoproj&repo=argo
security-contacts:
- type: website
value: https://github.com/argoproj/argo-helm/security/advisories/new
primary: true
vulnerability-reporting:
accepts-vulnerability-reports: true
email-contact: cncf-argo-maintainers@lists.cncf.io
security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
comment: Please refer to the security policy for reporting information prior to using the email contact.
comment: |
Our preferred contact method related to vulnerabilities is the Security tab on GitHub.
Click the button "Report a vulnerability" to open the advisory form.
Please refer to the security policy for reporting information prior to using the email contact.
dependencies:
env-dependencies-policy:
policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions