1- # Security Insights 2.0 file https://github.com/ossf/security-insights
2- # Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue
1+ # Security Insights 2.0 file https://github.com/ossf/security-insights
2+ # Specification: https://github.com/ossf/security-insights/tree/main/spec
3+
34header :
45 schema-version : 2.0.0
5- last-updated : ' 2025-07-26 '
6- last-reviewed : ' 2025-07-26 '
6+ last-updated : ' 2025-09-18 '
7+ last-reviewed : ' 2025-09-18 '
78 url : https://github.com/openfga/python-sdk
89 project-si-source : https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml
910 comment : OpenFGA SDK for Python 3.
@@ -16,23 +17,23 @@ repository:
1617 accepts-automated-change-request : true
1718 no-third-party-packages : false
1819 core-team :
19- - name : Evan Sims
20- affiliation : Okta
21- 22- social : https://github.com/evansims
23- primary : true
24- - name : Adrian Tam
25- affiliation : Okta
26- 27- social : https://github.com/adriantam
28- - name : Ewan Harris
29- affiliation : Okta
30- 31- social : https://github.com/ewanharris
32- - name : Raghd Hamzeh
33- affiliation : Okta
34- 35- social : https://github.com/rhamzeh
20+ - name : Evan Sims
21+ affiliation : Okta
22+ 23+ social : https://github.com/evansims
24+ primary : true
25+ - name : Adrian Tam
26+ affiliation : Okta
27+ 28+ social : https://github.com/adriantam
29+ - name : Ewan Harris
30+ affiliation : Okta
31+ 32+ social : https://github.com/ewanharris
33+ - name : Raghd Hamzeh
34+ affiliation : Okta
35+ 36+ social : https://github.com/rhamzeh
3637
3738 license :
3839 url : https://raw.githubusercontent.com/openfga/python-sdk/main/LICENSE
@@ -49,14 +50,14 @@ repository:
4950 dependency-management-policy : https://github.com/openfga/openfga/blob/main/docs/dependencies-policy.md
5051 governance : https://github.com/openfga/.github/blob/main/GOVERNANCE.md
5152 review-policy : https://github.com/openfga/.github/blob/main/CONTRIBUTING.md
52- security-policy : https://github.com/openfga/python-sdk/security .md
53+ security-policy : https://github.com/openfga/python-sdk/SECURITY .md
5354
5455 security :
5556 assessments :
5657 self :
5758 evidence : https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
5859 date : ' 2024-12-19'
59- comment : OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance
60+ comment : OpenFGA has completed a CNCF security joint assessment with CNCF TAG- Security
6061
6162 champions :
6263 - name : Ewan Harris
@@ -72,7 +73,7 @@ repository:
7273 adhoc : false
7374 ci : true
7475 release : true
75- comment : Dependabot is enabled for this repo to automatically update dependencies.
76+ comment : Dependabot is enabled for this repository to automatically update dependencies.
7677 - name : Snyk
7778 type : SCA
7879 version : latest
@@ -82,9 +83,9 @@ repository:
8283 adhoc : false
8384 ci : true
8485 release : true
85- comment : Snyk is enabled for this repo to scan for vulnerabilities.
86+ comment : Snyk is enabled for this repository to scan for vulnerabilities.
8687 - name : Socket
87- type : other
88+ type : SCA
8889 version : latest
8990 rulesets :
9091 - built-in
@@ -93,3 +94,13 @@ repository:
9394 ci : true
9495 release : true
9596 comment : Socket is enabled for this repo to scan for supply chain security vulnerabilities.
97+ - name : OSSF Scorecard
98+ type : SCA
99+ version : latest
100+ rulesets :
101+ - built-in
102+ integration :
103+ adhoc : false
104+ ci : true
105+ release : true
106+ comment : OSSF Scorecard is enabled for this repository
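Review bot: The new `security-policy` value, `https://github.com/openfga/python-sdk/SECURITY.md`, still does not look like a resolvable GitHub file URL. It lacks the `/blob/<branch>/` segment that the neighbouring `governance` and `review-policy` links use, so it most likely returns a 404, and anyone following it to find the vulnerability-reporting process would get nowhere. Assuming the policy file sits at the repository root on `main`, `security-policy: https://github.com/openfga/python-sdk/blob/main/SECURITY.md` would match the other entries. Separately, the added OSSF Scorecard entry is typed `SCA`, although Scorecard checks repository posture rather than dependency composition; `other`, the value Socket carried before this change, may describe it more accurately.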