forked from argoproj/argo-helm
-
Notifications
You must be signed in to change notification settings - Fork 0
/
SECURITY-INSIGHTS.yml
38 lines (38 loc) · 1.49 KB
/
SECURITY-INSIGHTS.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
header:
schema-version: '1.0.0'
expiration-date: '2024-11-04T10:00:00.000Z'
project-url: https://github.com/argoproj/argo-helm
project-lifecycle:
status: active
bug-fixes-only: false
core-maintainers:
- https://github.com/mkilchhofer
- https://github.com/jmeridth
contribution-policy:
accepts-pull-requests: true
accepts-automated-pull-requests: true
automated-tools-list:
- automated-tool: dependabot
action: allowed
path:
- /
contributing-policy: https://github.com/argoproj/argo-helm/blob/main/CONTRIBUTING.md
code-of-conduct: https://github.com/cncf/foundation/blob/master/code-of-conduct.md
distribution-points:
- https://argoproj.github.io/argo-helm
- https://artifacthub.io/packages/search?org=argoproj&repo=argo
security-contacts:
- type: website
value: https://github.com/argoproj/argo-helm/security/advisories/new
primary: true
vulnerability-reporting:
accepts-vulnerability-reports: true
email-contact: cncf-argo-maintainers@lists.cncf.io
security-policy: https://github.com/argoproj/argo-helm/blob/main/SECURITY.md
comment: |
Our preferred contact method related to vulnerabilities is the Security tab on GitHub.
Click the button "Report a vulnerability" to open the advisory form.
Please refer to the security policy for reporting information prior to using the email contact.
dependencies:
env-dependencies-policy:
policy-url: https://github.com/argoproj/argo-helm/blob/master/CONTRIBUTING.md#new-application-versions