CARVIEW |
Select Language
HTTP/2 301
date: Wed, 23 Jul 2025 16:45:30 GMT
content-type: text/html; charset=utf-8
content-length: 0
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
location: https://github.com/ossf/security-insights/commits/v1.0.0
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
set-cookie: _gh_sess=nbKL7HWH1TmDsnJF8aJc%2BNGbfT%2Bz7hwBAF1zKcc3Az%2FoZBDv%2FEzoj9DDaAABPiEkQhE57nTkMsfKsbeJ19spfKppalfz7bBgJhQyLuHrkLxb2%2F9KVDl2PR1cZUKYIZwItol9woDri518LtUp2H12sbZAhkRtgkEcIZSj5%2FHAV1T1jIL4t0Dp%2Bykv77NCdw77bUd0TE3mdZLEGSWJneRG0yLgLBn2YC%2FVhHPdUX%2BD0pgoi18rHE6hEKJCf2%2F3ZVpo9VFzDgQUbvGpnH55SSY7Mw%3D%3D--usF0va8pO20niREi--tJjIIptbLC9lWBPqIGFAgg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1368254520.1753289130; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 16:45:30 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Thu, 23 Jul 2026 16:45:30 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: D96C:26221E:EC8B83:1179A90:688111AA
HTTP/2 200
date: Wed, 23 Jul 2025 16:45:31 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"dfdb40938b3656d74326d9c1aeb43db9"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
x-github-request-id: D96C:26221E:EC8BAB:1179AC8:688111AA
Commits · ossf/security-insights · GitHub
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 14
Commits
Branch selector
User selector
Datepicker
Commit History
Commits on Oct 2, 2023
Rename schema to security-insights-schema.yaml (#65)
Show description for d0c8487authoredd0c8487Copy full SHA for d0c8487Added simple contribution policy (#63)
Show description for 933cc84authored933cc84Copy full SHA for 933cc84Removed tooling from spec repo (#61)
Show description for 6a05feaauthored6a05feaCopy full SHA for 6a05feaSimplified README & added intro to spec (#60)
Show description for db4caccauthoreddb4caccCopy full SHA for db4cacc
Commits on Sep 30, 2023
Changed security contact emails (#59)
Show description for 1dfa45aauthored1dfa45aCopy full SHA for 1dfa45aAdded LICENSE.md to cover spec and code (#50)
Show description for 49e5cbdauthored49e5cbdCopy full SHA for 49e5cbd
Commits on Sep 29, 2023
Removed parent-security-insights from spec (#57)
Show description for 418f768authored418f768Copy full SHA for 418f768Create SECURITY-INSIGHTS.yml (#51)
Show description for da9bc2bda9bc2bCopy full SHA for da9bc2bMoved threat model docs (#55)
Show description for 0ff75baauthored0ff75baCopy full SHA for 0ff75baAdjusted comment handling for vulnerability reporting (#56)
Show description for 8670704authored8670704Copy full SHA for 8670704Applying all requested changes to the specification (#37)
Show description for 0536e0eauthored0536e0eCopy full SHA for 0536e0eChange from stage to status and add more status. (#52)
Show description for 13d08aaauthored13d08aaCopy full SHA for 13d08aa
Commits on Sep 27, 2023
Change type object to array (#48)
Show description for 8c7d940authored8c7d940Copy full SHA for 8c7d940Add `release-cycle` and `release-process` (#47)
Show description for 069a498authored069a498Copy full SHA for 069a498Extend dependencies schema (#46)
Show description for 688697bauthored688697bCopy full SHA for 688697b
Commits on Sep 25, 2023
Added sbom-creation (#45)
Show description for 5c92420authored5c92420Copy full SHA for 5c92420Removed requirements for some header values (#44)
Show description for 5607325authored5607325Copy full SHA for 5607325removed .DS_Store (#43)
Show description for 9c377b7authoredEddie Knight9c377b7Copy full SHA for 9c377b7Security Artifacts Schema Change (#32)
Show description for bd6759cauthoredEddie Knightbd6759cCopy full SHA for bd6759cChanged 'sbom-name' value to 'sbom-format' (#34)
Show description for c9d69a3authoredEddie Knightc9d69a3Copy full SHA for c9d69a3Basic SECURITY.md (#39)
Show description for 5cfaa5dauthored5cfaa5dCopy full SHA for 5cfaa5d
Commits on Sep 22, 2023
- authoredEddie Knight75e4a1eCopy full SHA for 75e4a1e
Commits on Sep 18, 2023
Merge pull request #35 from ossf/luigigubello/versioning-policy
Show description for 17d5f44authored17d5f44Copy full SHA for 17d5f44edit README
Show description for 7b2b88ccommitted7b2b88cCopy full SHA for 7b2b88cDelete files
Show description for 99510fccommitted99510fcCopy full SHA for 99510fcAdd Dockerfile for Py script
Show description for aeb667acommittedaeb667aCopy full SHA for aeb667a
Commits on Sep 13, 2023
Versioning policy
Show description for 1ff6cc1committed1ff6cc1Copy full SHA for 1ff6cc1
Commits on Jun 13, 2023
Merge pull request #19 from ossf/luigigubello/allow-deny-lists-for-pr-bots
Show description for 14f407aauthored14f407aCopy full SHA for 14f407aMerge branch 'master' into luigigubello/allow-deny-lists-for-pr-bots
Show description for 5138dbeauthored5138dbeCopy full SHA for 5138dbeAdd sub-path option for automated tools
Show description for f610ec9committedf610ec9Copy full SHA for f610ec9Merge pull request #21 from ossf/luigigubello/add-published-purls
Show description for 6b3aeefauthored6b3aeefCopy full SHA for 6b3aeefChange distribution-points schema
Show description for 2a3c2d5committed2a3c2d5Copy full SHA for 2a3c2d5Support package urls PURL
Show description for a015574committeda015574Copy full SHA for a015574
Commits on Apr 26, 2023
Replace bot with automated-tool
Show description for 8e48368committed8e48368Copy full SHA for 8e48368
Commits on Apr 11, 2023
Set accepts-bot-pull-requests true
Show description for 80aee15committed80aee15Copy full SHA for 80aee15
Pagination
You can’t perform that action at this time.