From 49732e0399ff142be1f07e74c2c014ff3e73c519 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 07:22:52 -0300
Subject: [PATCH 1/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 83 +++++++++++++++++++++++++++++++++++
1 file changed, 83 insertions(+)
create mode 100644 .github/SECURITY-INSIGHTS.yml
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
new file mode 100644
index 00000000..98f6f864
--- /dev/null
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -0,0 +1,83 @@
+header:
+ schema-version: 2.0.0
+ last-updated: '2025-07-26'
+ last-reviewed: '2025-07-26'
+ url: https://github.com/openfga/java-sdk
+ project-si-source: https://raw.githubusercontent.com/openfga/.github/main/SECURITY-INSIGHTS.yml
+ comment: OpenFGA SDK for Java.
+
+repository:
+ url: https://github.com/openfga/java-sdk
+ status: active
+ bug-fixes-only: false
+ accepts-change-request: true
+ accepts-automated-change-request: true
+ no-third-party-packages: false
+ core-team:
+ - name: Jim Anderson
+ affiliation: Okta
+ email: jim.anderson@okta.com
+ social: https://github.com/jimmyjames
+ primary: true
+ - name: Adrian Tam
+ affiliation: Okta
+ email: adrian.tam@okta.com
+ social: https://github.com/adriantam
+ - name: Ewan Harris
+ affiliation: Okta
+ email: ewan.harris@okta.com
+ social: https://github.com/ewanharris
+ - name: Raghd Hamzeh
+ affiliation: Okta
+ email: raghd.hamzeh@okta.com
+ social: https://github.com/rhamzeh
+
+ license:
+ url: https://raw.githubusercontent.com/openfga/java-sdk/main/LICENSE
+ expression: Apache-2.0
+ release:
+ changelog: https://github.com/openfga/java-sdk/releases
+ automated-pipeline: true
+ distribution-points:
+ - uri: https://github.com/openfga/java-sdk/releases
+ comment: GitHub Release Page
+
+ documentation:
+ contributing-guide: https://github.com/openfga/.github/blob/main/CONTRIBUTING.md
+ dependency-management-policy: https://github.com/openfga/openfga/blob/main/docs/dependencies-policy.md
+ governance: https://github.com/openfga/.github/blob/main/GOVERNANCE.md
+ review-policy: https://github.com/openfga/.github/blob/main/CONTRIBUTING.md
+ security-policy: https://github.com/openfga/java-sdk/SECURITY.md
+
+ security:
+ assessments:
+ self:
+ evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
+ date: '2024-12-19'
+ comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security
+
+ champions:
+ - name: Ewan Harris
+ email: ewan.harris@okta.com
+ primary: true
+ tools:
+ - name: Dependabot
+ type: SCA
+ version: latest
+ rulesets:
+ - built-in
+ integration:
+ adhoc: false
+ ci: true
+ release: true
+ comment: Dependabot is enabled for this repo to automatically update dependencies.
+ - name: Snyk
+ type: SCA
+ version: latest
+ rulesets:
+ - built-in
+ integration:
+ adhoc: false
+ ci: true
+ release: true
+ comment: Snyk is enabled for this repo to scan for vulnerabilities.
From 11d9434af7604347d0a9499b6436968915e80505 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:11:56 -0300
Subject: [PATCH 2/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 98f6f864..9b3ca1bd 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -81,3 +81,13 @@ repository:
 ci: true
 release: true
 comment: Snyk is enabled for this repo to scan for vulnerabilities.
+ - name: Socket
+ type: other
+ version: latest
+ rulesets:
+ - built-in
+ integration:
+ adhoc: false
+ ci: true
+ release: true
+ comment: Socket is enabled for this repo to scan for supply chain security vulnerabilities.
From 91188da215233434cad236f749d8e67c78fca127 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:17:39 -0300
Subject: [PATCH 3/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 34 +++++++++++++++++-----------------
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 9b3ca1bd..7e1c42ea 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
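Review bot: `last-updated: '2025-07-26'` and `last-reviewed: '2025-07-26'` in the header already predate this commit (dated 6 Aug 2025), and the same file is edited again in all seven follow-up patches of this series without either date moving, so consumers reading the header get a stale freshness signal; bump `last-updated` in the last patch that touches the file. The `security-policy` entry under `documentation` is the only one of the five links without a `/blob/main/` segment, so it is unlikely to resolve the way its siblings do; patch 8 rewrites that line (to `security.md`) and is the place to fix it, e.g. `security-policy: https://github.com/openfga/java-sdk/blob/main/security.md` with the file's actual casing, or GitHub's `https://github.com/openfga/java-sdk/security/policy` route. `distribution-points` lists only the GitHub release page; if the SDK is also published to a package registry such as Maven Central, that is where consumers actually fetch artifacts and it belongs here as a second `- uri:` entry, since this list is what tooling uses to match artifacts to the project.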
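Review bot: The new Socket entry uses `type: other` while its own comment describes it as a supply-chain vulnerability scanner, which is the category the two sibling entries in this file label `type: SCA`; unless the schema's `type` enum rules it out, `type: SCA` keeps the three tool entries consistent and queryable as a group. The added `comment:` line is also well over 100 characters; a `>-` folded scalar keeps it inside the usual line-length limit without changing the value.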
@@ -14,23 +14,23 @@ repository:
 accepts-automated-change-request: true
 no-third-party-packages: false
 core-team:
- - name: Jim Anderson
- affiliation: Okta
- email: jim.anderson@okta.com
- social: https://github.com/jimmyjames
- primary: true
- - name: Adrian Tam
- affiliation: Okta
- email: adrian.tam@okta.com
- social: https://github.com/adriantam
- - name: Ewan Harris
- affiliation: Okta
- email: ewan.harris@okta.com
- social: https://github.com/ewanharris
- - name: Raghd Hamzeh
- affiliation: Okta
- email: raghd.hamzeh@okta.com
- social: https://github.com/rhamzeh
+ - name: Jim Anderson
+ affiliation: Okta
+ email: jim.anderson@okta.com
+ social: https://github.com/jimmyjames
+ primary: true
+ - name: Adrian Tam
+ affiliation: Okta
+ email: adrian.tam@okta.com
+ social: https://github.com/adriantam
+ - name: Ewan Harris
+ affiliation: Okta
+ email: ewan.harris@okta.com
+ social: https://github.com/ewanharris
+ - name: Raghd Hamzeh
+ affiliation: Okta
+ email: raghd.hamzeh@okta.com
+ social: https://github.com/rhamzeh

 license:
 url: https://raw.githubusercontent.com/openfga/java-sdk/main/LICENSE
From a7acaf9abc186f7737190ebb9c8b5c76aaffc063 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:21:37 -0300
Subject: [PATCH 4/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 7e1c42ea..045d2ec9 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -1,3 +1,5 @@
+# Security Insights 2.0 file https://github.com/ossf/security-insights
+# Specification: https://github.com/ossf/security-insights/tree/main/spec
 header:
 schema-version: 2.0.0
 last-updated: '2025-07-26'
From 4462e504edbae9192f8d6707a2733cf907b25270 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:30:56 -0300
Subject: [PATCH 5/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 045d2ec9..cafb9c88 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -56,7 +56,7 @@ repository:
 self:
 evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
 date: '2024-12-19'
- comment: OpenFGA has completed a CNCF security join assessment with CNCF TAG-Security
+ comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security

 champions:
 - name: Ewan Harris
From ef509f19a132c6fd42db3807f8b5904a600b0dfa Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:33:24 -0300
Subject: [PATCH 6/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index cafb9c88..635dee3b 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -56,7 +56,7 @@ repository:
 self:
 evidence: https://github.com/cncf/tag-security/blob/main/community/assessments/projects/openfga/joint-assessment.md
 date: '2024-12-19'
- comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG-Security
+ comment: OpenFGA has completed a CNCF security joint assessment with CNCF TAG Security and Compliance

 champions:
 - name: Ewan Harris
From c716c90a25914b6ffa8309162ef771a86b45ba97 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 08:36:05 -0300
Subject: [PATCH 7/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 635dee3b..398b625f 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -1,5 +1,5 @@
-# Security Insights 2.0 file https://github.com/ossf/security-insights
-# Specification: https://github.com/ossf/security-insights/tree/main/spec
+# Security Insights 2.0 file https://github.com/ossf/security-insights
+# Schema: https://github.com/ossf/security-insights/blob/main/spec/schema.cue
 header:
 schema-version: 2.0.0
 last-updated: '2025-07-26'
From 5d21ffd9b62e929d8ab25dec6be76ae8efd0c5c9 Mon Sep 17 00:00:00 2001
From: Andres Aguiar
Date: Wed, 6 Aug 2025 10:47:41 -0300
Subject: [PATCH 8/8] "chore: updating SECURITY-INSIGHTS"
---
.github/SECURITY-INSIGHTS.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/SECURITY-INSIGHTS.yml b/.github/SECURITY-INSIGHTS.yml
index 398b625f..ab7e76a8 100644
--- a/.github/SECURITY-INSIGHTS.yml
+++ b/.github/SECURITY-INSIGHTS.yml
@@ -49,7 +49,7 @@ repository:
 dependency-management-policy: https://github.com/openfga/openfga/blob/main/docs/dependencies-policy.md
 governance: https://github.com/openfga/.github/blob/main/GOVERNANCE.md
 review-policy: https://github.com/openfga/.github/blob/main/CONTRIBUTING.md
- security-policy: https://github.com/openfga/java-sdk/SECURITY.md
+ security-policy: https://github.com/openfga/java-sdk/security.md

 security:
 assessments: