header: schema-version: 2.0.0 last-updated: '2025-04-03' last-reviewed: '2025-04-03' url: https://github.com/fluxcd/flux2/.github/blob/main/security-insights.yml comment: | This file contains the security insights information for the flux2 project. repository: url: https://github.com/fluxcd/flux2 status: active bug-fixes-only: false accepts-change-request: true accepts-automated-change-request: true no-third-party-packages: false core-team: - name: Aurel Canciu affiliation: NexHealth email: aurel.canciu@nexhealth.com social: github: @relu, slack: relu primary: false - name: Hidde Beydals affiliation: Independent email: hidde@hhh.computer social: github: @hiddeco, slack: hidde primary: false - name: Matheus Pimenta affiliation: ControlPlane email: matheuscscp@linux.com social: github: @matheuscscp, slack: matheuscscp primary: false - name: Max Jonas Werner affiliation: Associmates email: max.werner@associmates.eu social: github: @makkes, slack: max primary: false - name: Paulo Gomes affiliation: SUSE email: pjbgf@linux.com social: github: @pjbgf, slack: pjbgf primary: false - name: Sanskar Jaiswal affiliation: Independent email: jaiswalsanskar078@gmail.com social: github: @aryan9600, slack: aryan9600 primary: false - name: Soule BA affiliation: ControlPlane email: bah.soule@gmail.com social: github: @souleb, slack: souleb primary: false - name: Stefan Prodan affiliation: ControlPlane email: stefan.prodan@gmail.com social: github: @stefanprodan, slack: stefanprodan primary: true documentation: contributing-guide: https://github.com/fluxcd/flux2/blob/main/CONTRIBUTING.md security-policy: https://github.com/fluxcd/flux2/security license: url: https://github.com/fluxcd/flux2/blob/main/LICENSE release: changelog: https://github.com/fluxcd/flux2/releases automated-pipeline: true distribution-points: - uri: https://github.com/fluxcd/flux2/releases comment: GitHub Release Page license: url: https://github.com/fluxcd/flux2/blob/main/LICENSE expression: Apache-2.0 security: assessments: third-party: - evidence: https://fluxcd.io/FluxFinalReport-v1.1.pdf date: '2021-10-18' comment: | Overview available at https://fluxcd.io/blog/2021/11/flux-security-audit/