From 78cff33ba3fd7e11a0d193193eefa73efd5858c8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Oliver=20B=C3=A4hler?=
Date: Wed, 25 Oct 2023 09:00:35 +0200
Subject: [PATCH] chore: add more required metadata to security-insights
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Oliver Bähler
---
 SECURITY-INSIGHTS.yml | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/SECURITY-INSIGHTS.yml b/SECURITY-INSIGHTS.yml
index 420798ff..15ecca82 100644
--- a/SECURITY-INSIGHTS.yml
+++ b/SECURITY-INSIGHTS.yml
@@ -38,3 +38,19 @@ security-testing:
 before-release: true
 comment: |
 Dependabot is enabled for this repo.
+dependencies:
+ third-party-packages: true
+ dependencies-lists:
+ - https://github.com/projectcapsule/capsule/blob/main/go.mod
+ sbom:
+ - sbom-file: https://github.com/projectcapsule/capsule/pkgs/container/sbom
+ sbom-format: CycloneDX
+ sbom-url: https://github.com/projectcapsule/capsule/blob/main/SECURITY.md#software-bill-of-materials-sbom
+security-artifacts:
+ self-assessment:
+ self-assessment-created: false
+security-contacts:
+- type: email
+ value: cncf-capsule-maintainers@lists.cncf.io
+ primary: true
+
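Review bot: The `sbom-file` value in the new `dependencies.sbom` entry is a package listing page (`.../pkgs/container/sbom`) rather than a document, so a consumer that reads this file to fetch and check the CycloneDX SBOM would presumably receive HTML instead of an SBOM. If an SBOM is published per release, point the field at a versioned, directly retrievable artifact, e.g. `sbom-file: <URL of the CycloneDX document for a tagged release>`, and keep the SECURITY.md link in `sbom-url` for the retrieval and verification steps. The same applies to the `blob/main` links, which follow the branch and not the release a reader is assessing. Separately, `security-contacts` names only a mailing list as the primary contact; if that list is publicly archived, a second private reporting channel is worth listing so that reports are not disclosed on arrival. The `- type: email` item also appears to be written flush while the items under `dependencies-lists` and `sbom` are indented, which is worth aligning.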