Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create Security Policy for the Devfiles Org #1461

Open
3 tasks done
thepetk opened this issue Feb 29, 2024 · 3 comments
Open
3 tasks done

Create Security Policy for the Devfiles Org #1461

thepetk opened this issue Feb 29, 2024 · 3 comments
Labels
area/alizer Enhancement or issue related to the alizer repo area/api Enhancement or issue related to the api/devfile specification area/landing-page Issues with the Landing Page area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure kind/epic A high level requirement that can/should be split into smaller issues kind/user-story User story for new enhancement

Comments

@thepetk
Copy link
Contributor

thepetk commented Feb 29, 2024
edited
Loading

/kind user-story
/kind epic

Which area this user story is related to?

/area api
/area library
/area registry
/area alizer
/area landing-page

User Story

As part of the CNCF Defender EPIC it is recommended to add a security-policy. As part of the security policy it is also recommended to add:

Both the threat model and the vulnerability report process can be part of a more generic Security.md file which also can define additional policies and procedures followed by the devfile org.

Acceptance Criteria
@openshift-ci openshift-ci bot added kind/user-story User story for new enhancement kind/epic A high level requirement that can/should be split into smaller issues area/api Enhancement or issue related to the api/devfile specification area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure area/alizer Enhancement or issue related to the alizer repo area/landing-page Issues with the Landing Page labels Feb 29, 2024
@thepetk thepetk moved this to Backlog in Devfile Project Feb 29, 2024
@Jdubrick
Copy link
Contributor

In addition to what Fanis states in the description, the Security.md file will most likely contain the same information for all repositories contained as part of #1297

This was referenced Mar 1, 2024
Merged
Closed
@Jdubrick Jdubrick mentioned this issue Mar 1, 2024
Open
1 task
@thepetk thepetk mentioned this issue Aug 22, 2024
Merged
4 tasks
@thepetk thepetk moved this from Backlog to In Review 👀 in Devfile Project Aug 24, 2024
@thepetk thepetk mentioned this issue Aug 24, 2024
Closed
1 task
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2024

This issue is stale because it has been open for 90 days with no activity. Remove stale label or comment or this will be closed in 120 days.

@github-actions github-actions bot added the lifecycle/stale Stale items. These items have not been updated for 90 days. label Dec 4, 2024
@thepetk
Copy link
Contributor Author

thepetk commented Dec 4, 2024

Let's keep it open for now!

@thepetk thepetk removed the lifecycle/stale Stale items. These items have not been updated for 90 days. label Dec 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/alizer Enhancement or issue related to the alizer repo area/api Enhancement or issue related to the api/devfile specification area/landing-page Issues with the Landing Page area/library Common devfile library for interacting with devfiles area/registry Devfile registry for stacks and infrastructure kind/epic A high level requirement that can/should be split into smaller issues kind/user-story User story for new enhancement
Projects
Devfile Project
Status: In Review 👀
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thepetk @Jdubrick