From 0bf24136ab9783b0f2d92decaed952907679ac5c Mon Sep 17 00:00:00 2001 From: Andres Aguiar Date: Thu, 18 Sep 2025 19:31:06 -0300 Subject: [PATCH 1/3] "chore: updating SECURITY-INSIGHTS" --- .github/SECURITY-INSIGHTS.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml index c91bb3b..03d9e41 100644 --- a/.github/SECURITY-INSIGHTS.yml +++ b/.github/SECURITY-INSIGHTS.yml @@ -1,5 +1,3 @@ -# Security Insights 2.0 file https://github.com/ossf/security-insights -# Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue header: schema-version: 2.0.0 last-updated: '2025-07-26' @@ -16,11 +14,11 @@ repository: accepts-automated-change-request: true no-third-party-packages: true core-team: - - name: Andres Aguiar - affiliation: Okta - email: andres.aguiar@okta.com - social: https://github.com/aaguiarz - primary: true + - name: Andres Aguiar + affiliation: Okta + email: andres.aguiar@okta.com + social: https://github.com/aaguiarz + primary: true license: url: https://raw.githubusercontent.com/openfga/rfcs/main/LICENSE @@ -38,7 +36,7 @@ repository: self: evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md date: '2024-12-19' - comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance + comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security tools: [] From cd99c5a27ac605ce3bcaac68783383b28dce7582 Mon Sep 17 00:00:00 2001 From: Andres Aguiar Date: Thu, 18 Sep 2025 19:53:31 -0300 Subject: [PATCH 2/3] "chore: updating SECURITY-INSIGHTS" --- .github/SECURITY-INSIGHTS.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml index 03d9e41..5b7526b 100644 --- a/.github/SECURITY-INSIGHTS.yml +++ b/.github/SECURITY-INSIGHTS.yml @@ -36,7 +36,7 @@ repository: self: evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md date: '2024-12-19' - comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security + comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security tools: [] From b1b6ca766a91b0fbcfe5ef68d5c336bc6a69d48a Mon Sep 17 00:00:00 2001 From: Andres Aguiar Date: Thu, 18 Sep 2025 20:07:37 -0300 Subject: [PATCH 3/3] "chore: updating SECURITY-INSIGHTS" --- .github/SECURITY-INSIGHTS.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml index 5b7526b..b160d7b 100644 --- a/.github/SECURITY-INSIGHTS.yml +++ b/.github/SECURITY-INSIGHTS.yml @@ -1,7 +1,10 @@ +# Security Insights 2.0 file https://github.com/ossf/security-insights +# Specification: https://github.com/ossf/security-insights/tree/main/spec + header: schema-version: 2.0.0 - last-updated: '2025-07-26' - last-reviewed: '2025-07-26' + last-updated: '2025-09-18' + last-reviewed: '2025-09-18' url: https://github.com/openfga/rfcs project-si-source: https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml comment: An open process for designing substantial changes to OpenFGA.