sigs.k8s.io/kueue@v0.6.2/SECURITY-INSIGHTS.yaml

sigs.k8s.io/kueue@v0.6.2/SECURITY-INSIGHTS.yaml (about)

     1  header:
     2    schema-version: 1.0.0
     3    expiration-date: '2024-09-28T01:00:00.000Z'
     4    last-updated: '2024-02-09'
     5    last-reviewed: '2024-02-09'
     6    commit-hash: f816b7fffbc9da7f2e2498780ce1b66257fed880
     7    project-url: 'https://github.com/kubernetes-sigs/kueue'
     8    project-release: 0.5.3
     9    changelog: 'https://github.com/kubernetes-sigs/kueue/tree/main/CHANGELOG'
    10    license: 'https://github.com/kubernetes-sigs/kueue/blob/main/LICENSE'
    11  project-lifecycle:
    12    status: active
    13    roadmap: >-
    14      https://github.com/kubernetes-sigs/kueue/blob/9464e42a54d67f785e2e19b8c8bbd4471cd283ad/README.md?plain=1#L98
    15    bug-fixes-only: false
    16    core-maintainers:
    17      - https://github.com/kubernetes-sigs/kueue/blob/main/OWNERS
    18    release-cycle: 'https://github.com/kubernetes-sigs/kueue/blob/main/RELEASE.md'
    19    release-process: >-
    20      https://github.com/kubernetes-sigs/kueue/blob/main/.github/ISSUE_TEMPLATE/NEW_RELEASE.md
    21  contribution-policy:
    22    accepts-pull-requests: true
    23    accepts-automated-pull-requests: true
    24    contributing-policy: 'https://github.com/kubernetes-sigs/kueue/blob/main/CONTRIBUTING.md'
    25    code-of-conduct: >-
    26      https://github.com/kubernetes-sigs/kueue/blob/9464e42a54d67f785e2e19b8c8bbd4471cd283ad/code-of-conduct.md
    27  documentation:
    28    - 'https://kueue.sigs.k8s.io/docs/'
    29  distribution-points:
    30    - >-
    31      https://github.com/kubernetes-sigs/kueue/releases/download/v0.5.3/manifests.yaml
    32  security-artifacts:
    33    threat-model:
    34      threat-model-created: false
    35    self-assessment:
    36      self-assessment-created: false
    37  security-testing:
    38    - tool-type: sca
    39      tool-name: Dependabot
    40      tool-version: '2'
    41      tool-url: 'https://github.com/dependabot'
    42      integration:
    43        ad-hoc: false
    44        ci: true
    45        before-release: true
    46      comment: dependabot interval set to "weekly"
    47  security-contacts:
    48    - type: email
    49      value: kueue-alerts@kubernetes.io
    50      primary: true
    51    - type: email
    52      value: security-discuss-private@kubernetes.io
    53      primary: false
    54  vulnerability-reporting:
    55    accepts-vulnerability-reports: true
    56    email-contact: security@kubernetes.io
    57    Security-policy: 'https://kubernetes.io/security/'
    58    bug-bounty-available: true
    59    bug-bounty-url: 'https://hackerone.com/kubernetes'
    60  dependencies:
    61    third-party-packages: true
    62    dependencies-lists:
    63      - 'https://github.com/kubernetes-sigs/kueue/blob/main/go.mod'