forked from meshery/meshery
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathSECURITY-INSIGHTS.yml
More file actions
99 lines (97 loc) · 3.89 KB
/
SECURITY-INSIGHTS.yml
File metadata and controls
99 lines (97 loc) · 3.89 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
header:
schema-version: 2.0.0
last-updated: '2026-03-03'
last-reviewed: '2026-03-03'
url: https://github.com/meshery/meshery/blob/master/SECURITY-INSIGHTS.yml
comment: |
This file contains the security information for the Meshery project.
project:
name: Meshery
homepage: https://meshery.io
roadmap: https://github.com/meshery/meshery/blob/master/ROADMAP.md
administrators:
- name: Lee Calcote
affiliation: Layer5
social: https://layer5.io/community/members/lee-calcote/
primary: true
documentation:
quickstart-guide: https://docs.meshery.io/installation/quick-start
detailed-guide: https://docs.meshery.io/guides
code-of-conduct: https://github.com/meshery/meshery/blob/master/CODE_OF_CONDUCT.md
release-process: https://docs.meshery.io/project/contributing/build-and-release#release-channels
support-policy: https://docs.meshery.io/project/contributing/build-and-release#release-support
design: https://docs.meshery.io/concepts/architecture
repositories:
- name: Meshery
url: https://github.com/meshery/meshery
comment: |
Meshery is the core repository for the Meshery CNCF project.
- name: meshery.io
url: https://github.com/meshery/meshery.io
comment: |
The source code and content for the official Meshery website (meshery.io).
- name: meshkit
url: https://github.com/meshery/meshkit
comment: |
A common microservices framework used across various Meshery components for consistent toolkit functionality.
- name: meshery-operator
url: https://github.com/meshery/meshery-operator
comment: |
The Kubernetes operator for Meshery, managing the lifecycle of Meshery components within a cluster.
- name: meshsync
url: https://github.com/meshery/meshsync
comment: |
A custom controller that performs multi-cluster resource discovery and keeps Meshery in sync with infrastructure changes.
- name: schemas
url: https://github.com/meshery/schemas
comment: |
Contains the logical object models and JSON schemas that define Meshery's cloud native resources.
- name: play
url: https://github.com/meshery/play
comment: |
The Cloud Native Playground, a hosted environment for exploring Kubernetes and CNCF projects using Meshery.
- name: qa
url: https://github.com/meshery/qa
comment: |
The project quality dashboard and testing infrastructure for ensuring Meshery's compatibility and performance.
- name: meshery-adapter-library
url: https://github.com/meshery/meshery-adapter-library
comment: |
A Go library providing common functionality for building and maintaining Meshery adapters.
vulnerability-reporting:
reports-accepted: true
bug-bounty-available: false
contact:
name: Meshery Security
email: security@meshery.dev
primary: true
repository:
url: https://github.com/meshery/meshery
status: active
accepts-change-request: true
accepts-automated-change-request: false
core-team:
- name: Lee Calcote
affiliation: Layer5
social: https://layer5.io/community/members/lee-calcote/
primary: true
- name: Sangram Rath
affiliation: OD10
social: https://layer5.io/community/members/sangram-rath/
license:
url: https://github.com/meshery/meshery/blob/master/LICENSE
expression: Apache-2.0
security:
assessments:
self:
comment: |
Self assessment has not yet been completed.
documentation:
contributing-guide: https://docs.meshery.io/project/contributing
governance: https://github.com/meshery/meshery/blob/master/GOVERNANCE.md
security-policy: https://github.com/meshery/meshery/blob/master/SECURITY.md
release:
automated-pipeline: true
distribution-points:
- uri: https://github.com/meshery/meshery/releases
comment: Meshery Releases page in GitHub