-
Hi, it's Joyce again and I've got another security suggestion for TwelveMonkeys.
**Is your feature request related to a use case or a problem you are working on? Please describe.**
It is related…
-
Hello, I am Joyce and I'm working on behalf of Google and the [Open Source Security Foundation][ossf] to help essential open-source projects improve their supply-chain security. Given impact tha…
-
Hi!
I see that your GitHub workflows currently don't specify the permissions of their jobs -- in this way their privileges are being determined by GitHub's defaults. If you define minimal permissio…
-
Hello!
There are changes in your OpenSSF Scorecard report.
Please review the following changes and take action if necessary.
## Summary
There are changes in the following repositories:
| Repos…
-
Hi! I'm Joyce again (#5324 and #5147) and I'd like to bring another security suggestion.
Enabling the [OpenSSF Scorecard Action](https://github.com/ossf/scorecard-action) can help with identifying be…
-
Reference: https://github.com/nodejs/security-wg/blob/main/tools/ossf_scorecard/report.md
We need to:
- [x] Enable code-scanning in the Node.js repository by setting a [scorecard.yml](https://gi…
-
Setting minimum permissions for workflows helps keep the workflows safer against supply-chain attacks. GitHub gives [higher permissions to workflows by default](https://docs.github.com/en/actions/secur…
-
Hello, I am Joyce and I'm working on behalf of Google and the [Open Source Security Foundation][ossf] to help essential open-source projects improve their supply-chain security. Given the impact Distr…
-
Current status
[![CLOMonitor](https://img.shields.io/endpoint?url=https://clomonitor.io/api/projects/cncf/kubearmor/badge)](https://clomonitor.io/projects/cncf/kubearmor)
```[tasklist]
### [KubeA…
```
-
Adding a Security Policy is important to provide guidance on how users can report potential vulnerabilities and also raise awareness of when vulnerabilities will be confirmed, fixed and disclosed.
…