From da4984f991fbdca5ea347b21b24cc0c3b4471ca0 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Thu, 18 Sep 2025 19:29:54 -0300
Subject: [PATCH 1/4] "chore: updating SECURITY-INSIGHTS"
---
 .github/SECURITY-INSIGHTS.yml | 54 ++++++++++++++---------------------
 1 file changed, 21 insertions(+), 33 deletions(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 0c0a84c..3d6df15 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -1,5 +1,3 @@
-# Security Insights 2.0 file https://github.com/ossf/security-insights
-# Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue
 header:
 schema-version: 2.0.0
 last-updated: '2025-07-26'
@@ -16,23 +14,23 @@ repository:
 accepts-automated-change-request: true
 no-third-party-packages: false
 core-team:
- - name: Evan Sims
- affiliation: Okta
- email: evan.sims@okta.com
- social: https://github.com/evansims
- primary: true
- - name: Adrian Tam
- affiliation: Okta
- email: adrian.tam@okta.com
- social: https://github.com/adriantam
- - name: Ewan Harris
- affiliation: Okta
- email: ewan.harris@okta.com
- social: https://github.com/ewanharris
- - name: Raghd Hamzeh
- affiliation: Okta
- email: raghd.hamzeh@okta.com
- social: https://github.com/rhamzeh
+ - name: Evan Sims
+ affiliation: Okta
+ email: evan.sims@okta.com
+ social: https://github.com/evansims
+ primary: true
+ - name: Adrian Tam
+ affiliation: Okta
+ email: adrian.tam@okta.com
+ social: https://github.com/adriantam
+ - name: Ewan Harris
+ affiliation: Okta
+ email: ewan.harris@okta.com
+ social: https://github.com/ewanharris
+ - name: Raghd Hamzeh
+ affiliation: Okta
+ email: raghd.hamzeh@okta.com
+ social: https://github.com/rhamzeh
 license:
 url: https://raw.githubusercontent.com/openfga/python-sdk/main/LICENSE
@@ -49,14 +47,14 @@ repository:
 dependency-management-policy: https://github.com/openfga/openfga/blob/main/docs/dependencies-policy.md
 governance: https://github.com/openfga/.github/blob/main/GOVERNANCE.md
 review-policy: https://github.com/openfga/.github/blob/main/CONTRIBUTING.md
- security-policy: https://github.com/openfga/python-sdk/security.md
+ security-policy: https://github.com/openfga/python-sdk/SECURITY.md
 security:
 assessments:
 self:
 evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
 date: '2024-12-19'
- comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance
+ comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security
 champions:
 - name: Ewan Harris
@@ -72,7 +70,7 @@ repository:
 adhoc: false
 ci: true
 release: true
- comment: Dependabot is enabled for this repo to automatically update dependencies.
+ comment: Dependabot is enabled for this repository to automatically update dependencies.
 - name: Snyk
 type: SCA
 version: latest
@@ -82,14 +80,4 @@ repository:
 adhoc: false
 ci: true
 release: true
- comment: Snyk is enabled for this repo to scan for vulnerabilities.
- - name: Socket
- type: other
- version: latest
- rulesets:
- - built-in
- integration:
- adhoc: false
- ci: true
- release: true
- comment: Socket is enabled for this repo to scan for supply chain security vulnerabilities.
+ comment: Snyk is enabled for this repository to scan for vulnerabilities.
From 3534add2929cb59f37a328e45266488ac1be9874 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Thu, 18 Sep 2025 19:52:40 -0300
Subject: [PATCH 2/4] "chore: updating SECURITY-INSIGHTS"
---
 .github/SECURITY-INSIGHTS.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 3d6df15..f310ec6 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
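Review bot: The new `security-policy` value `https://github.com/openfga/python-sdk/SECURITY.md` omits the `/blob/main/` segment that the neighbouring `governance` and `review-policy` links in this hunk use, so a consumer following the URL may not land on the file. `security-policy: https://github.com/openfga/python-sdk/blob/main/SECURITY.md` would match the other links; since this is the page reporters are pointed to for disclosure, it is worth confirming the URL resolves once the commit lands. The `no-third-party-packages` and tooling entries are unaffected; this is only about the link form.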
@@ -54,7 +54,7 @@ repository:
 self:
 evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
 date: '2024-12-19'
- comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security
+ comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security
 champions:
 - name: Ewan Harris
From 2fb144103e4d90fffc686f03fa617153f7c822bb Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Thu, 18 Sep 2025 20:01:03 -0300
Subject: [PATCH 3/4] "chore: updating SECURITY-INSIGHTS"
---
 .github/SECURITY-INSIGHTS.yml | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index f310ec6..743e919 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -81,3 +81,23 @@ repository:
 ci: true
 release: true
 comment: Snyk is enabled for this repository to scan for vulnerabilities.
+ - name: Socket
+ type: SCA
+ version: latest
+ rulesets:
+ - built-in
+ integration:
+ adhoc: false
+ ci: true
+ release: true
+ comment: Socket is enabled for this repo to scan for supply chain security vulnerabilities.
+ - name: OSSF Scorecard
+ type: SCA
+ version: latest
+ rulesets:
+ - built-in
+ integration:
+ adhoc: false
+ ci: true
+ release: true
+ comment: OSSF Scorecard is enabled for this repository
From d216166e3f347d152cd0303baaa8aa1345c68c84 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Thu, 18 Sep 2025 20:05:22 -0300
Subject: [PATCH 4/4] "chore: updating SECURITY-INSIGHTS"
---
 .github/SECURITY-INSIGHTS.yml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 743e919..dc53e45 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
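Review bot: Both tool entries added in the `@@ -81,3 +81,23 @@` hunk are typed `SCA`, but OSSF Scorecard scores repository security practices rather than analyzing dependencies, so `type: SCA` misdescribes it; the earlier revision of this file used `type: other` for a tool that did not fit the SCA category, and `type: other` fits the Scorecard entry better. The Scorecard `comment` also lacks the terminating period every neighbouring entry carries, and the Socket `comment` still says `repo` where the Dependabot and Snyk comments in this series were changed to `repository`. The `release: true` flag under the Scorecard `integration` block is worth confirming as well, since it only holds if Scorecard actually runs in the release workflow and not just on a schedule or in CI.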
@@ -1,7 +1,10 @@
+# Security Insights 2.0 file https://github.com/ossf/security-insights
+# Specification: https://github.com/ossf/security-insights/tree/main/spec
+
 header:
 schema-version: 2.0.0
- last-updated: '2025-07-26'
- last-reviewed: '2025-07-26'
+ last-updated: '2025-09-18'
+ last-reviewed: '2025-09-18'
 url: https://github.com/openfga/python-sdk
 project-si-source: https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml
 comment: OpenFGA SDK for Python 3.