mirror of
https://github.com/projectcapsule/capsule.git
synced 2026-02-14 18:09:58 +00:00
e808118b43
* chore(repo): rework makefile and add renovate mangers for pre-commit and makefile binaries Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore(repo): add renovate managers Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
60 lines
2.1 KiB
YAML
60 lines
2.1 KiB
YAML
# Reference https://github.com/ossf/security-insights-spec/blob/v1.0.0/specification.md
|
|
header:
|
|
schema-version: 1.0.0
|
|
expiration-date: '2024-10-24T01:00:00.000Z'
|
|
last-updated: '2023-10-24'
|
|
last-reviewed: '2023-10-24'
|
|
project-url: https://github.com/projectcapsule/capsule
|
|
changelog: https://github.com/projectcapsule/capsule/blob/main/CHANGELOG.md
|
|
license: https://github.com/projectcapsule/capsule/blob/main/LICENSE
|
|
project-lifecycle:
|
|
status: active
|
|
bug-fixes-only: false
|
|
core-maintainers:
|
|
- github:prometherion
|
|
- github:oliverbaehler
|
|
- github:bsctl
|
|
- github:MaxFedotov
|
|
distribution-points:
|
|
- https://github.com/orgs/projectcapsule/packages?repo_name=capsule
|
|
contribution-policy:
|
|
accepts-pull-requests: true
|
|
accepts-automated-pull-requests: true
|
|
contributing-policy: https://github.com/projectcapsule/capsule/blob/main/CONTRIBUTING.md
|
|
code-of-conduct: https://github.com/projectcapsule/capsule/blob/main/CODE_OF_CONDUCT.md
|
|
vulnerability-reporting:
|
|
accepts-vulnerability-reports: true
|
|
security-policy: https://github.com/projectcapsule/capsule/blob/main/SECURITY.md
|
|
email-contact: cncf-capsule-maintainers@lists.cncf.io
|
|
comment: |
|
|
Report a vulnerability by using private security issues in GitHub.
|
|
security-testing:
|
|
- tool-type: sca
|
|
tool-name: Dependabot
|
|
tool-version: latest
|
|
integration:
|
|
ad-hoc: false
|
|
ci: true
|
|
before-release: true
|
|
comment: |
|
|
Dependabot is enabled for this repo.
|
|
dependencies:
|
|
third-party-packages: true
|
|
dependencies-lists:
|
|
- https://github.com/projectcapsule/capsule/blob/main/go.mod
|
|
env-dependencies-policy:
|
|
policy-url: https://github.com/projectcapsule/capsule/blob/main/DEPENDENCY.md
|
|
sbom:
|
|
- sbom-file: https://github.com/projectcapsule/capsule/pkgs/container/sbom
|
|
sbom-format: CycloneDX
|
|
sbom-url: https://github.com/projectcapsule/capsule/blob/main/SECURITY.md#software-bill-of-materials-sbom
|
|
security-artifacts:
|
|
self-assessment:
|
|
self-assessment-created: true
|
|
evidence-url:
|
|
- https://github.com/projectcapsule/capsule/blob/main/SELF_ASSESSMENT.md
|
|
security-contacts:
|
|
- type: email
|
|
value: cncf-capsule-maintainers@lists.cncf.io
|
|
primary: true
|