diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml index 0c0a84c..dc53e45 100644 --- a/.github/SECURITY-INSIGHTS.yml +++ b/.github/SECURITY-INSIGHTS.yml @@ -1,9 +1,10 @@ -# Security Insights 2.0 file https://github.com/ossf/security-insights -# Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue +# Security Insights 2.0 file https://github.com/ossf/security-insights +# Specification: https://github.com/ossf/security-insights/tree/main/spec + header: schema-version: 2.0.0 - last-updated: '2025-07-26' - last-reviewed: '2025-07-26' + last-updated: '2025-09-18' + last-reviewed: '2025-09-18' url: https://github.com/openfga/python-sdk project-si-source: https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml comment: OpenFGA SDK for Python 3. @@ -16,23 +17,23 @@ repository: accepts-automated-change-request: true no-third-party-packages: false core-team: - - name: Evan Sims - affiliation: Okta - email: evan.sims@okta.com - social: https://github.com/evansims - primary: true - - name: Adrian Tam - affiliation: Okta - email: adrian.tam@okta.com - social: https://github.com/adriantam - - name: Ewan Harris - affiliation: Okta - email: ewan.harris@okta.com - social: https://github.com/ewanharris - - name: Raghd Hamzeh - affiliation: Okta - email: raghd.hamzeh@okta.com - social: https://github.com/rhamzeh + - name: Evan Sims + affiliation: Okta + email: evan.sims@okta.com + social: https://github.com/evansims + primary: true + - name: Adrian Tam + affiliation: Okta + email: adrian.tam@okta.com + social: https://github.com/adriantam + - name: Ewan Harris + affiliation: Okta + email: ewan.harris@okta.com + social: https://github.com/ewanharris + - name: Raghd Hamzeh + affiliation: Okta + email: raghd.hamzeh@okta.com + social: https://github.com/rhamzeh license: url: https://raw.githubusercontent.com/openfga/python-sdk/main/LICENSE @@ -49,14 +50,14 @@ repository: dependency-management-policy: https://github.com/openfga/openfga/blob/main/docs/dependencies-policy.md governance: https://github.com/openfga/.github/blob/main/GOVERNANCE.md review-policy: https://github.com/openfga/.github/blob/main/CONTRIBUTING.md - security-policy: https://github.com/openfga/python-sdk/security.md + security-policy: https://github.com/openfga/python-sdk/SECURITY.md security: assessments: self: evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md date: '2024-12-19' - comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance + comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security champions: - name: Ewan Harris @@ -72,7 +73,7 @@ repository: adhoc: false ci: true release: true - comment: Dependabot is enabled for this repo to automatically update dependencies. + comment: Dependabot is enabled for this repository to automatically update dependencies. - name: Snyk type: SCA version: latest @@ -82,9 +83,9 @@ repository: adhoc: false ci: true release: true - comment: Snyk is enabled for this repo to scan for vulnerabilities. + comment: Snyk is enabled for this repository to scan for vulnerabilities. - name: Socket - type: other + type: SCA version: latest rulesets: - built-in @@ -93,3 +94,13 @@ repository: ci: true release: true comment: Socket is enabled for this repo to scan for supply chain security vulnerabilities. + - name: OSSF Scorecard + type: SCA + version: latest + rulesets: + - built-in + integration: + adhoc: false + ci: true + release: true + comment: OSSF Scorecard is enabled for this repository