Update SECURITY-INSIGHTS (#1111)

aaguiarz · web-flow · commit 257c525db65f · 2025-11-05T12:00:07.000-05:00
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
@@ -1,9 +1,10 @@
-# Security Insights 2.0 file https://github.com/ossf/security-insights
-# Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue
+# Security Insights 2.0 file https://github.com/ossf/security-insights 
+# Specification: https://github.com/ossf/security-insights/tree/main/spec
+
 header:
   schema-version: 2.0.0
-  last-updated: '2025-07-26'
-  last-reviewed: '2025-07-26'
+  last-updated: '2025-09-18'
+  last-reviewed: '2025-09-18'
   url: https://github.com/openfga/openfga.dev
   project-si-source: https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml
   comment: OpenFGA website and documentation.
@@ -16,31 +17,31 @@ repository:
   accepts-automated-change-request: true
   no-third-party-packages: false
   core-team:
-    - name: Andres Aguiar
-      affiliation: Okta
-      email: andres.aguiar@okta.com
-      social: https://github.com/aaguiarz
-      primary: true
-    - name: Daniel Yeam
-      affiliation: Okta
-      email: daniel.yeam@okta.com
-      social: https://github.com/dyeam0
-    - name: Patrick Dillon
-      affiliation: Okta
-      email: patrick.dillon@okta.com
-      social: https://github.com/pdillon
-    - name: Rishav Mishra
-      affiliation: Okta
-      email: rishav.mishra@okta.com
-      social: https://github.com/rishavmishra-okta
-    - name: Talent Zeng
-      affiliation: Okta
-      email: talent.zeng@okta.com
-      social: https://github.com/ttrzeng
-    - name: Tyler Nix
-      affiliation: Okta
-      email: tyler.nix@okta.com
-      social: https://github.com/tylernix
+  - name: Andres Aguiar
+    affiliation: Okta
+    email: andres.aguiar@okta.com
+    social: https://github.com/aaguiarz
+    primary: true
+  - name: Daniel Yeam
+    affiliation: Okta
+    email: daniel.yeam@okta.com
+    social: https://github.com/dyeam0
+  - name: Patrick Dillon
+    affiliation: Okta
+    email: patrick.dillon@okta.com
+    social: https://github.com/pdillon
+  - name: Rishav Mishra
+    affiliation: Okta
+    email: rishav.mishra@okta.com
+    social: https://github.com/rishavmishra-okta
+  - name: Talent Zeng
+    affiliation: Okta
+    email: talent.zeng@okta.com
+    social: https://github.com/ttrzeng
+  - name: Tyler Nix
+    affiliation: Okta
+    email: tyler.nix@okta.com
+    social: https://github.com/tylernix
 
   license:
     url: https://raw.githubusercontent.com/openfga/openfga.dev/main/LICENSE
@@ -58,7 +59,7 @@ repository:
       self:
         evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
         date: '2024-12-19'
-        comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance
+        comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security
 
     tools:
       - name: Dependabot
@@ -70,7 +71,7 @@ repository:
           adhoc: false
           ci: true
           release: true
-        comment: Dependabot is enabled for this repo to automatically update dependencies.
+        comment: Dependabot is enabled for this repository to automatically update dependencies.
       - name: Snyk
         type: SCA
         version: latest
@@ -80,14 +81,24 @@ repository:
           adhoc: false
           ci: true
           release: true
-        comment: Snyk is enabled for this repo to scan for vulnerabilities.
+        comment: Snyk is enabled for this repository to scan for vulnerabilities.
       - name: Socket
-        type: other
+        type: SCA
+        version: latest
+        rulesets:
+          - built-in
+        integration:
+          adhoc: false
+          ci: true
+          release: true
+        comment: Socket is enabled for this repository to scan for supply chain security vulnerabilities.
+      - name: OSSF Scorecard
+        type: SCA
         version: latest
         rulesets:
           - built-in
         integration:
           adhoc: false
           ci: true
           release: true
-        comment: Socket is enabled for this repo to scan for supply chain security vulnerabilities.
+        comment: OSSF Scorecard is enabled for this repository.
diff --git a/blog/fine-grained-news-2025-01.md b/blog/fine-grained-news-2025-01.md
@@ -68,7 +68,7 @@ We are very grateful with the OpenFGA community, who helped shipping **126** rel
 
 [Andres Aguiar](https://www.linkedin.com/in/aaguiar/) from Okta was invited to present on the Maintainer’s Summit at KubeCon Europe aaout our experiences collaborating with the CNCF TAG-Security team: [A Project Maintainers Guide To TAG Security](https://maintainersummiteu2025.sched.com/event/1tj8v/a-project-maintainers-guide-to-tag-security-marina-moore-edera-andres-aguiar-okta).
 
-[Mark Laing](https://www.linkedin.com/in/mark-laing/) from Canonical will present at FOSDEM about [Fine-grained access control in LXD with OpenFGA](https://fosdem.org/2025/schedule/event/fosdem-2025-6194-fine-grained-access-control-in-lxd-with-openfga/).
+[Mark Laing](https://www.linkedin.com/in/mark-laing/) from Canonical will present at FOSDEM about [Fine-grained access control in LXD with OpenFGA](https://archive.fosdem.org/2025/schedule/event/fosdem-2025-6194-fine-grained-access-control-in-lxd-with-openfga/).
 
 ## **See You Next Month:**
 
