DO NOT CREATE AN ISSUE to report a security problem. Instead, please send an email to cncf-ExternalSecretsOp-maintainers@lists.cncf.io
We learn about critical software updates and security threats from these sources
- GitHub Security Alerts
- Dependabot Dependency Updates
Our Helm charts are designed for ease of use and general-purpose scenarios. We strongly recommend that you review the default configuration and harden it to fit your security requirements.
You can do this by customizing the chart values, or by using our chart as a dependency and extending it with your own security measures, such as NetworkPolicies, Admission Control logic, or other controls.
Any misconfiguration caused by using the provided helm charts is not covered by our support policy - even if it leads to a security incident.
Please follow the guide SECURITY_RESPONSE.md.