Both code and the documentation mentions that v1.0.0 is only supported.
It will be great to have support also for 2.0.0 scheme.
|
/// https://github.com/ossf/security-insights-spec/blob/v1.0.0/specification.md |
Other important part is that the name should be lowercased and possiblit placed also in .github folder: Ref: https://github.com/ossf/security-insights/blob/1e60a1509bde03a7163ad42fa65295c8b3877301/README.md#initial-adoption
Projects should include a security-insights.yml file in the root of their repository, or in the appropriate source forge directory such as .github/ or .gitlab/.
Both code and the documentation mentions that v1.0.0 is only supported.
It will be great to have support also for 2.0.0 scheme.
clomonitor/clomonitor-core/src/linter/checks/datasource/security_insights.rs
Line 17 in 790f0d4
Other important part is that the name should be lowercased and possiblit placed also in
.githubfolder: Ref: https://github.com/ossf/security-insights/blob/1e60a1509bde03a7163ad42fa65295c8b3877301/README.md#initial-adoption