This repository has been archived by the owner on Oct 30, 2023. It is now read-only.

Please adopt OpenSSF Security Insights for this project #131

Open
caabernathy opened this issue Oct 4, 2023 · 0 comments


@caabernathy

Hello from the OpenSSF Security Insights team!

Security Insights is a specification for expressing security-relevant metadata about a project in a machine-readable format. It allows you to express things like where a project is in its lifecycle, what kind of security tools are used, and whether you want to accept automated pull requests. It complements Scorecard metrics by focusing on things that often can’t be found by analyzing repository contents.

As part of our launch, we’d like to see OpenSSF adopt the Security Insights specification across our code projects. This is as simple as adding a SECURITY-INSIGHTS.yml file to your repository root. The entire process should take less than 10 minutes. The full specification is located at https://github.com/ossf/security-insights-spec/blob/v1.0.0/specification.md.

If you have questions about the Security Insights specification or this request, feel free to reach out to us on Slack (#security_insights_spec) or open an issue in our repository (ossf/security-insights-spec).
