|
| 1 | +# This file contains contact info for the team that maintains |
| 2 | +# this repo. This information will be used by security in the |
| 3 | +# event that we need to contact you about security issues |
| 4 | +# discovered in this code. |
| 5 | +# |
| 6 | +# See https://wolinks.com/repocontact for more information. |
| 7 | +# |
| 8 | +# You may use the Red Hat YAML extension in VS Code to validate this file. |
| 9 | +# yaml-language-server: $schema=https://security-api.appsec.inday.io/schemas/security_contact.json |
| 10 | + |
| 11 | +version: "1.0" |
| 12 | + |
| 13 | +# Owners identify the individuals/groups who maintain this repo. |
| 14 | +owners: |
| 15 | + # Users are Corp AD/LDAP usernames (CNs), prefixed with 'corp:'. |
| 16 | + # We require at least one user to be specified to allow us to |
| 17 | + # map users into WoW. This might be the manager or tech lead |
| 18 | + # for this repo. |
| 19 | + users: |
| 20 | + - corp:CHANGEME |
| 21 | + # Groups are optional, but allow you to point to existing AD/LDAP |
| 22 | + # user groups (CNs), prefixed with 'corp:'. This might be your |
| 23 | + # team's existing DL group or similar. You may remove 'groups' or |
| 24 | + # keep it empty if you are not using any groups. |
| 25 | + groups: |
| 26 | + - corp:CHANGEME |
| 27 | + |
| 28 | +# Specify how you would like to be contacted if security finds an issue |
| 29 | +# in your code. You must provide at least one contact method. You may |
| 30 | +# remove any contact methods you are not using. You may set 'notify' to |
| 31 | +# 'false' for cases where you'd like to list a contact method for |
| 32 | +# completeness, but don't actually want us to send automated alerts to it. |
| 33 | +contact: |
| 34 | + jira: |
| 35 | + - project: CHANGEME |
| 36 | + component: CHANGEME_OPTIONAL |
| 37 | + notify: true |
| 38 | + slack: |
| 39 | + - channel: CHANGEME |
| 40 | + notify: true |
| 41 | + email: |
| 42 | + |
| 43 | + notify: false |
| 44 | + |
| 45 | +# Which services does the code in this repo support? |
| 46 | +# Service names should match those in https://wolinks.com/servicenames. |
| 47 | +# This field also supports some special values for repos that do not |
| 48 | +# directly host code for production services, including: |
| 49 | +# - LIBRARY: For cases where the repo is a library imported by prod services |
| 50 | +# - BUILDTOOL: For cases where the repo is a tool that builds prod services |
| 51 | +# - LEGACY: For cases where the repo is no longer in use |
| 52 | +# - NONE: For cases where the repo does not support prod services or fall |
| 53 | +# into any of the other categories above. |
| 54 | +services: |
| 55 | + - CHANGEME |
| 56 | + |
| 57 | +# Which service account(s) does your team use with artifactory? You may |
| 58 | +# this or leave a blank list if this repo does not store build artifacts |
| 59 | +# in artifactory. |
| 60 | +service_accounts: |
| 61 | + - CHANGEME |
0 commit comments