Update security-insights.yml

Signed-off-by: Michael Morris <105736419+MichaelMorrisEst@users.noreply.github.com>

.github/security-insights.yml

@@ -5,29 +5,73 @@ header:
   url: https://github.com/fluxcd/flux2/.github/blob/main/security-insights.yml
   comment: |
     This file contains the security insights information for the flux2 project.
-
+    
-project:
+repository:
-  name: flux2
+  url: https://github.com/fluxcd/flux2
-  homepage: https://github.com/fluxcd/flux2
+  status: active
-  administrators:
+  bug-fixes-only: false
-    - name: 
+  accepts-change-request: true
-      affiliation:
+  accepts-automated-change-request: true
-      social:
+  no-third-party-packages: false
-      primary:
+  core-team:
+    - name:        Aurel Canciu
+      affiliation: NexHealth
+      email:       aurel.canciu@nexhealth.com
+      social:      github: @relu, slack: relu
+      primary:     false
+    - name:        Hidde Beydals
+      affiliation: Independent
+      email:       hidde@hhh.computer
+      social:      github: @hiddeco, slack: hidde
+      primary:     false
+    - name:        Matheus Pimenta
+      affiliation: ControlPlane
+      email:       matheuscscp@linux.com
+      social:      github: @matheuscscp, slack: matheuscscp
+      primary:     false
+    - name:        Max Jonas Werner
+      affiliation: Associmates
+      email:       max.werner@associmates.eu
+      social:      github: @makkes, slack: max
+      primary:     false
+    - name:        Paulo Gomes
+      affiliation: SUSE
+      email:       pjbgf@linux.com
+      social:      github: @pjbgf, slack: pjbgf
+      primary:     false
+    - name:        Sanskar Jaiswal
+      affiliation: Independent
+      email:       jaiswalsanskar078@gmail.com
+      social:      github: @aryan9600, slack: aryan9600
+      primary:     false
+    - name:        Soule BA
+      affiliation: ControlPlane
+      email:       bah.soule@gmail.com
+      social:      github: @souleb, slack: souleb
+      primary:     false
+    - name:        Stefan Prodan
+      affiliation: ControlPlane
+      email:       stefan.prodan@gmail.com
+      social:      github: @stefanprodan, slack: stefanprodan
+      primary:     true
   documentation:
-    quickstart-guide: https://github.com/fluxcd/flux2/blob/main/README.md
+    contributing-guide: https://github.com/fluxcd/flux2/blob/main/CONTRIBUTING.md
-    detailed-guide: https://github.com/fluxcd/flux2/blob/main/README.md
+    security-policy: https://github.com/fluxcd/flux2/security
-    code-of-conduct: https://github.com/fluxcd/flux2/blob/main/CODE_OF_CONDUCT.md
+  license:
-  repositories:
+    url: https://github.com/fluxcd/flux2/blob/main/LICENSE
-    - name: fluxcd/flux2
+  release:
-      url: https://github.com/fluxcd/flux2
+    changelog: https://github.com/fluxcd/flux2/releases
-      comment: |
+    automated-pipeline: true
-        Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories and OCI artifacts), and automating updates to configuration when there is new code to deploy.
+    distribution-points:
-  vulnerability-reporting:
+      - uri:  https://github.com/fluxcd/flux2/releases
-    reports-accepted: true
+        comment: GitHub Release Page
-    bug-bounty-available: false
+    license:
-    contact:
+      url: https://github.com/fluxcd/flux2/blob/main/LICENSE
-      name: 
+      expression: Apache-2.0
-      email: 
+  security:
-      primary: 
+    assessments:
-    security-policy:
+      third-party:
+        - evidence: https://fluxcd.io/FluxFinalReport-v1.1.pdf
+          date: '2021-10-18'
+          comment: |
+            Overview available at https://fluxcd.io/blog/2021/11/flux-security-audit/