Skip to content

Update README file's security section #921

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 10, 2025
Merged

Update README file's security section #921

merged 3 commits into from
Apr 10, 2025

Conversation

izmalk
Copy link
Contributor

@izmalk izmalk commented Apr 9, 2025
edited
Loading

Issue

Security section of the README contains an old link to the LaunchPad.
We are using GitHub Private vulnerability reporting now.

Solution

Update the link and wording,
Additionally, minor refactoring for headings syntax.

Checklist

  • I have added or updated any relevant documentation.
  • I have cleaned any remaining cloud resources from my accounts.

@izmalk izmalk requested a review from marceloneppel April 9, 2025 17:45
@izmalk izmalk self-assigned this Apr 9, 2025
@izmalk izmalk added documentation Improvements or additions to documentation not bug or enhancement PR is not 'bug' or 'enhancement'. For release notes labels Apr 9, 2025
marceloneppel
marceloneppel approved these changes Apr 9, 2025
View reviewed changes
Copy link
Member

@marceloneppel marceloneppel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks!

@izmalk izmalk requested a review from a-velasco April 9, 2025 17:57
@marceloneppel marceloneppel removed the request for review from taurus-forever April 9, 2025 18:12
@taurus-forever taurus-forever mentioned this pull request Apr 9, 2025
Merged
a-velasco
a-velasco approved these changes Apr 10, 2025
View reviewed changes
Copy link
Contributor

@a-velasco a-velasco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@a-velasco a-velasco merged commit 3ce2aa5 into canonical:main Apr 10, 2025
7 of 8 checks passed
dragomirp added a commit that referenced this pull request Apr 16, 2025
@dragomirp @renovate
@sinclert-canonical @marceloneppel @a-velasco @izmalk
[MISC] Sync up changes from 14 (#928)
79350d0 
* Update charmcraft.yaml build tools (#903)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update canonical/data-platform-workflows action to v31.0.1 (#902)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP IV: Define pebble service (#897)

* Update ghcr.io/canonical/charmed-postgresql:14.17-22.04_edge Docker digest to 5f8d51a (#908)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP V: Define mapping option (#900)

* Update charmcraft.yaml build tools (#912)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6910] Remove duplicate parameters specification (#896)

* Remove duplicate parameters specification

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Enable config test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix linting

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* [MISC] Conditional checksum calculation (#901)

* Conditional checksum calculation

* Converge s3 resource creation

* Tactically deployed sleep

* Early fail

* Update charmcraft.yaml build tools (#916)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Create SECURITY.md (#914)

* Update pull_request_template.md (#918)

* [MISC] Add missing connection vars (#920)

* Update README file's security section (#921)

* Add empty lines after headings

* Update security section

* Update link to make it clear that's not GitHub issues

* [DPE-6218] Static code analysis (#915)

* Create actionlint.yaml

* Create tiobe_scan.yaml

* Add push event to trigger the workflow once

* Install libpq-dev

* Remove push event

* Test adding unit venv to PATH

* Test sourcing unit venv

* Fix sourcing

* Test installing dependencies

* Activate virtual environment

* Add poetry dependency

* Fix TICS auth token variable

* Move results to the right folder

* Delete .github/actionlint.yaml

* Install ops

* Install dependencies through poetry

* Install extra dependencies

* Install dependencies from all groups

* Remove unnecessary step

* Remove permission

* Remove push trigger

* Add double quotes to environment variables

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add push trigger

* Remove push trigger

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Update dependency uv to v0.6.14 (#924)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
dragomirp added a commit that referenced this pull request Apr 25, 2025
@dragomirp @renovate
@sinclert-canonical @marceloneppel @a-velasco @izmalk
[MISC] Sync main into 16/edge (#943)
689d616 
* Update charmcraft.yaml build tools (#903)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update canonical/data-platform-workflows action to v31.0.1 (#902)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP IV: Define pebble service (#897)

* Update ghcr.io/canonical/charmed-postgresql:14.17-22.04_edge Docker digest to 5f8d51a (#908)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP V: Define mapping option (#900)

* Update charmcraft.yaml build tools (#912)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6910] Remove duplicate parameters specification (#896)

* Remove duplicate parameters specification

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Enable config test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix linting

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* [MISC] Conditional checksum calculation (#901)

* Conditional checksum calculation

* Converge s3 resource creation

* Tactically deployed sleep

* Early fail

* Update charmcraft.yaml build tools (#916)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Create SECURITY.md (#914)

* Update pull_request_template.md (#918)

* [MISC] Add missing connection vars (#920)

* Update README file's security section (#921)

* Add empty lines after headings

* Update security section

* Update link to make it clear that's not GitHub issues

* [DPE-6218] Static code analysis (#915)

* Create actionlint.yaml

* Create tiobe_scan.yaml

* Add push event to trigger the workflow once

* Install libpq-dev

* Remove push event

* Test adding unit venv to PATH

* Test sourcing unit venv

* Fix sourcing

* Test installing dependencies

* Activate virtual environment

* Add poetry dependency

* Fix TICS auth token variable

* Move results to the right folder

* Delete .github/actionlint.yaml

* Install ops

* Install dependencies through poetry

* Install extra dependencies

* Install dependencies from all groups

* Remove unnecessary step

* Remove permission

* Remove push trigger

* Add double quotes to environment variables

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add push trigger

* Remove push trigger

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Update dependency uv to v0.6.14 (#924)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Disable pgaudit (#931)

* Lock file maintenance Python dependencies (main) (#904)

* Lock file maintenance Python dependencies

* Add a separate pyproj for libs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

* [DPE-6344] Remove CA transferred check (#932)

* [MISC] Don't set tls flag if relation isn't initialised (#933)

* Don't set tls flag if relation isn't initialised

* Unit test

* Update dependency uv to v0.6.16 (#936)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Lock file maintenance Python dependencies (#937)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update ghcr.io/canonical/charmed-postgresql:14.17-22.04_edge Docker digest to 1d771d2 (#935)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
dragomirp added a commit that referenced this pull request May 6, 2025
@dragomirp @renovate
@sinclert-canonical @marceloneppel @a-velasco @izmalk
[MISC] Sync main to 16/edge (#958)
c266336 
* Update charmcraft.yaml build tools (#903)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update canonical/data-platform-workflows action to v31.0.1 (#902)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP IV: Define pebble service (#897)

* Update ghcr.io/canonical/charmed-postgresql:14.17-22.04_edge Docker digest to 5f8d51a (#908)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] LDAP V: Define mapping option (#900)

* Update charmcraft.yaml build tools (#912)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6910] Remove duplicate parameters specification (#896)

* Remove duplicate parameters specification

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Enable config test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix linting

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* [MISC] Conditional checksum calculation (#901)

* Conditional checksum calculation

* Converge s3 resource creation

* Tactically deployed sleep

* Early fail

* Update charmcraft.yaml build tools (#916)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Create SECURITY.md (#914)

* Update pull_request_template.md (#918)

* [MISC] Add missing connection vars (#920)

* Update README file's security section (#921)

* Add empty lines after headings

* Update security section

* Update link to make it clear that's not GitHub issues

* [DPE-6218] Static code analysis (#915)

* Create actionlint.yaml

* Create tiobe_scan.yaml

* Add push event to trigger the workflow once

* Install libpq-dev

* Remove push event

* Test adding unit venv to PATH

* Test sourcing unit venv

* Fix sourcing

* Test installing dependencies

* Activate virtual environment

* Add poetry dependency

* Fix TICS auth token variable

* Move results to the right folder

* Delete .github/actionlint.yaml

* Install ops

* Install dependencies through poetry

* Install extra dependencies

* Install dependencies from all groups

* Remove unnecessary step

* Remove permission

* Remove push trigger

* Add double quotes to environment variables

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add push trigger

* Remove push trigger

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Update dependency uv to v0.6.14 (#924)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Disable pgaudit (#931)

* Lock file maintenance Python dependencies (main) (#904)

* Lock file maintenance Python dependencies

* Add a separate pyproj for libs

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

* [DPE-6344] Remove CA transferred check (#932)

* [MISC] Don't set tls flag if relation isn't initialised (#933)

* Don't set tls flag if relation isn't initialised

* Unit test

* Update dependency uv to v0.6.16 (#936)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Lock file maintenance Python dependencies (#937)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update ghcr.io/canonical/charmed-postgresql:14.17-22.04_edge Docker digest to 1d771d2 (#935)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6664] Make username mandatory in set-password (#934)

* Make username mandatory

* Default in get_password

* Lock file maintenance Python dependencies (#944)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Mandatory scope (#947)

* Lock file maintenance Python dependencies (#949)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Update charmcraft.yaml build tools (#948)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6344] Persist transferred certificates upon start (#953)

* [MISC] Extend relation-user listing syntax (#957)

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@taurus-forever taurus-forever taurus-forever approved these changes

@a-velasco a-velasco a-velasco approved these changes

@marceloneppel marceloneppel marceloneppel approved these changes

Assignees

@izmalk izmalk

Labels
documentation Improvements or additions to documentation not bug or enhancement PR is not 'bug' or 'enhancement'. For release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@izmalk @taurus-forever @a-velasco @marceloneppel