mirror of
https://github.com/valitydev/.allstar.git
synced 2024-11-06 02:25:19 +00:00
38 lines
957 B
Markdown
38 lines
957 B
Markdown
|
# Allstar configuration for `valitydev`
|
||
|
|
||
|
[Allstar](https://github.com/ossf/allstar) is a security-policy GitHubApp. It is
|
||
|
installed on this org, and this repo contains the configuration for that app. It
|
||
|
is configured to create issues on repos that do not comply with the configured
|
||
|
policy.
|
||
|
|
||
|
## Enabled Repos
|
||
|
|
||
|
Allstar is configured in opt-out.
|
||
|
|
||
|
## Policy Configuration
|
||
|
|
||
|
These are the expected settings to be in compliance
|
||
|
|
||
|
### [Branch Protection](branch_protection.yaml)
|
||
|
|
||
|
| | |
|
||
|
| --------------------- | ------- |
|
||
|
| Branches enforced | default |
|
||
|
| Require approval | yes |
|
||
|
| Approvals required | 1 |
|
||
|
| Dismiss stale reviews | yes |
|
||
|
| Block force push | yes |
|
||
|
|
||
|
### [Binary Artifacts](binary_artifacts.yaml)
|
||
|
|
||
|
- Binary artifacts not allowed.
|
||
|
|
||
|
### [Outside Collaborators](outside.yaml)
|
||
|
|
||
|
- Push access allowed.
|
||
|
- Admin access not allowed.
|
||
|
|
||
|
### [SECURITY.md](security.yaml)
|
||
|
|
||
|
- SECURITY.md required.
|