From c2eec1955c1a987ca936d3efe65d6ba240ba9df8 Mon Sep 17 00:00:00 2001 From: Caleb Brown Date: Mon, 9 Oct 2023 14:32:13 +1100 Subject: [PATCH] Adds a SECURITY-INSIGHTS.yml file. Fixes #396 Signed-off-by: Caleb Brown --- SECURITY-INSIGHTS.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 SECURITY-INSIGHTS.yml diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml new file mode 100644 index 00000000..acee4c24 --- /dev/null +++ b/SECURITY-INSIGHTS.yml @@ -0,0 +1,39 @@ +header: + schema-version: 1.0.0 + expiration-date: '2023-10-09T00:00:00.000Z' + last-updated: '2023-10-09' + last-reviewed: '2023-10-09' + commit-hash: 0d8e23e9b2834671a41e3c7114e8536873658c47 + project-url: https://github.com/ossf/package-feeds + license: https://github.com/ossf/package-feeds/blob/main/LICENSE + +project-lifecycle: + status: active + bug-fixes-only: false + core-maintainers: + - https://github.com/calebbrown + - https://github.com/maxfisher-g + +contribution-policy: + accepts-pull-requests: true + accepts-automated-pull-requests: true + code-of-conduct: https://github.com/ossf/package-feeds/blob/main/CODE_OF_CONDUCT.md + +distribution-points: +- pkg:golang/github.com/ossf/package-feeds + +security-contacts: +- type: email + value: oss-security@googlegroups.com + primary: true + +vulnerability-reporting: + accepts-vulnerability-reports: true + email-contact: oss-security@googlegroups.com + security-policy: https://github.com/ossf/package-feeds/blob/main/SECURITY.md + bug-bounty-available: false + +dependencies: + third-party-packages: true + dependencies-lists: + - https://github.com/ossf/package-feeds/blob/main/go.mod