source-controller/.github/security-insights.yml at a3d565a79b7783b8cec48a195066a57eef6b2a8a · fluxcd/source-controller · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
header:
  schema-version: 2.0.0
  last-updated: '2025-04-03'
  last-reviewed: '2025-04-03'
  url: https://github.com/fluxcd/source-controller/blob/main/.github/security-insights.yml
  project-si-source: https://raw.githubusercontent.com/fluxcd/source-controller/refs/heads/main/.github/security-insights.yml
  comment: |
    This file contains only the repository information for the Flux source-controller.

repository:
  url: https://github.com/fluxcd/source-controller
  status: active
  bug-fixes-only: false
  accepts-change-request: true
  accepts-automated-change-request: true
  no-third-party-packages: false
  core-team:
    - name:        Aurel Canciu
      affiliation: NexHealth
      email:       aurel.canciu@nexhealth.com
      social:      github: @relu, slack: relu
      primary:     false
    - name:        Hidde Beydals
      affiliation: Independent
      email:       hidde@hhh.computer
      social:      github: @hiddeco, slack: hidde
      primary:     false
    - name:        Matheus Pimenta
      affiliation: ControlPlane
      email:       matheuscscp@linux.com
      social:      github: @matheuscscp, slack: matheuscscp
      primary:     false
    - name:        Max Jonas Werner
      affiliation: Associmates
      email:       max.werner@associmates.eu
      social:      github: @makkes, slack: max
      primary:     false
    - name:        Paulo Gomes
      affiliation: SUSE
      email:       pjbgf@linux.com
      social:      github: @pjbgf, slack: pjbgf
      primary:     false
    - name:        Sanskar Jaiswal
      affiliation: Independent
      email:       jaiswalsanskar078@gmail.com
      social:      github: @aryan9600, slack: aryan9600
      primary:     false
    - name:        Soule BA
      affiliation: ControlPlane
      email:       bah.soule@gmail.com
      social:      github: @souleb, slack: souleb
      primary:     false
    - name:        Stefan Prodan
      affiliation: ControlPlane
      email:       stefan.prodan@gmail.com
      social:      github: @stefanprodan, slack: stefanprodan
      primary:     false
  documentation:
    contributing-guide: https://github.com/fluxcd/source-controller/blob/main/DEVELOPMENT.md
    security-policy: https://github.com/fluxcd/source-controller/security
  license:
    url: https://github.com/fluxcd/source-controller/blob/main/LICENSE
  release:
    changelog: https://github.com/fluxcd/source-controller/releases
    automated-pipeline: true
    distribution-points:
      - uri:  https://github.com/fluxcd/source-controller/releases
        comment: GitHub Release Page
    license:
      url: https://github.com/fluxcd/source-controller/blob/main/LICENSE
      expression: Apache-2.0
  security:
    assessments:
      third-party:
        - evidence: https://fluxcd.io/FluxFinalReport-v1.1.pdf
          date: '2021-10-18'
          comment: |
            Overview available at https://fluxcd.io/blog/2021/11/flux-security-audit/