From b2915afbdee87809e119749c14df47d6723dd1a6 Mon Sep 17 00:00:00 2001 From: James Siri <22601145+jamesiri@users.noreply.github.com> Date: Wed, 28 Oct 2020 12:24:07 -0700 Subject: [PATCH 1/7] Updating branch name Removing master and replacing with main. --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3088637..8ac3edd 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -27,7 +27,7 @@ reported the issue. Please try to include as much information as you can. Detail ## Contributing via Pull Requests Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that: -1. You are working against the latest source on the *master* branch. +1. You are working against the latest source on the *main* branch. 2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already. 3. You open an issue to discuss any significant work - we would hate for your time to be wasted. From 0e396f0a432db38e3e89062656001c17ec9c1ad3 Mon Sep 17 00:00:00 2001 From: jedigal <119687809+jedigal@users.noreply.github.com> Date: Tue, 21 Feb 2023 14:26:56 -0500 Subject: [PATCH 2/7] Update SECURITY.md Updating security.md file with new version based on feedback from stakeholders during security.txt/md project. --- SECURITY.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 9d3b4f2..7b7c45b 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,5 +1,3 @@ -## Reporting a Vulnerability +## Reporting Security Issues -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security -via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to aws-security@amazon.com. -Please do **not** create a public GitHub issue. +We take all security reports seriously. When we receive such reports, we will investigate and subsequently address any potential vulnerabilities as quickly as possible. If you discover a potential security issue in this project, please notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [AWS Security](mailto:aws-security@amazon.com). Please do *not* create a public GitHub issue in this project. From 0b296c8982d690d552d3a6f6ee512862b0934711 Mon Sep 17 00:00:00 2001 From: jedigal <119687809+jedigal@users.noreply.github.com> Date: Fri, 24 Feb 2023 16:07:32 -0500 Subject: [PATCH 3/7] Update SECURITY.md --- SECURITY.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 7b7c45b..75a3b51 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,3 +1,11 @@ ## Reporting Security Issues -We take all security reports seriously. When we receive such reports, we will investigate and subsequently address any potential vulnerabilities as quickly as possible. If you discover a potential security issue in this project, please notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [AWS Security](mailto:aws-security@amazon.com). Please do *not* create a public GitHub issue in this project. +We take all security reports seriously. +When we receive such reports, +we will investigate and subsequently address +any potential vulnerabilities as quickly as possible. +If you discover a potential security issue in this project, +please notify AWS/Amazon Security via our +[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) +or directly via email to [AWS Security](mailto:aws-security@amazon.com). +Please do *not* create a public GitHub issue in this project. From ecda8a5df1355a775916c8c2128a20a692dae7b8 Mon Sep 17 00:00:00 2001 From: Neil Zhao Date: Wed, 10 May 2023 10:12:09 -0400 Subject: [PATCH 4/7] feat: ceder launch --- GOVERNANCE.md | 33 +++++++++++++++++++++ MAINTAINERS.md | 25 ++++++++++++++++ README.md | 69 ++++++++++++++++++++++++++++++++++++++++++++ RESPONSIBILITIES.md | 30 +++++++++++++++++++ cedar_1_green.png | Bin 0 -> 8564 bytes 5 files changed, 157 insertions(+) create mode 100644 GOVERNANCE.md create mode 100644 MAINTAINERS.md create mode 100644 README.md create mode 100644 RESPONSIBILITIES.md create mode 100644 cedar_1_green.png diff --git a/GOVERNANCE.md b/GOVERNANCE.md new file mode 100644 index 0000000..337262d --- /dev/null +++ b/GOVERNANCE.md @@ -0,0 +1,33 @@ +# GOVERNANCE.md + +This open source project is managed by a Steering Committee composed of the maintainers of this project. Maintainers are defined as individuals with full commit access to the project repositories. + +## Steering Committee + +The Steering Committee will be responsible for oversight of all technical, project, approval, and policy matters for the project. This notably includes brand and trademark management. + +The Steering Committee members are listed in the MAINTAINERS.md file in the repository. New maintainers (and accordingly, Steering Committee members) may be added or removed by no less than 3/4 affirmative vote of the Steering Committee. The Steering Committee will appoint a Chair responsible for organizing Steering Committee activity. If the Steering Committee Chair is removed from the Committee (or the Chair steps down from that role), it is the responsibility of the Steering Committee to appoint a new Chair. + + +The Steering Committee may, at its discretion, add or remove members who are not maintainers. + +## Voting + +The Steering Committee will strive for all decisions to be made by consensus. While explicit agreement of the entire Steering Committee is preferred, it is not required for consensus. Rather, the Steering Committee will determine consensus based on their good faith consideration of a number of factors, including the dominant view of the Steering Committee and nature of support and objections. The Steering Committee will document evidence of consensus in accordance with these requirements. If consensus cannot be reached, the Steering Committee will make the decision by a vote. + +The Steering Committee Chair will call a vote with reasonable notice to the Steering Committee, setting out a discussion period and a separate voting period. Any discussion may be conducted in person or electronically by text, voice, or video. The discussion will be open to the public, with the notable exception of discussions involving embargoed security issues or the addition or removal of maintainers, which will be private. In any vote, each voting representative will have one vote. Except as specifically noted elsewhere in this document, decisions by vote require a simple majority vote of all voting members. + + + +## Termination of Membership + +A maintainer’s access (and accordingly, their position on the Steering Committee) will be removed if any of the following occur: + +* Resignation: Written notice of resignation to the Steering Committee +* Steering Committee Vote: 3/4 affirmative vote of the Steering Committee to remove a member +* Unreachable Member: If a member is unresponsive for more than six months, the remaining active members of the Steering Committee may vote to remove the member + +## License of this document + +This document is a modified work of the GitHub Minimal Viable Governance model, located here: https://github.com/github/MVG/ +This document may be used, modified, and/or distributed under the terms of the [Creative Commons Attribution 4.0 International (CC-BY) license](https://creativecommons.org/licenses/by/4.0/legalcode). diff --git a/MAINTAINERS.md b/MAINTAINERS.md new file mode 100644 index 0000000..0dffb09 --- /dev/null +++ b/MAINTAINERS.md @@ -0,0 +1,25 @@ +# MAINTAINERS.md + +## Overview + +This document contains a list of maintainers in this repo. See [RESPONSIBILITIES.md](https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#maintainer-responsibilities) that explains what the role of maintainer means, what maintainers do in this and other repos, and how they should be doing it. If you're interested in contributing, and becoming a maintainer, see CONTRIBUTING.md. + +## Current Maintainers + +|Maintainer |GitHub ID |Affiliation | +|--- |--- |--- | +|Neha Rungta |neharungta |Amazon | +|Mark Stalzer |mstalzer |Amazon | +|Sarah Cecchetti |sarahcec |Amazon | +|Darin McAdams|D-McAdams |Amazon | +|Emina Torlak |emina |Amazon | +|Mike Hicks | mwhicks1|Amazon | +|Anwar Mamat |anwarmamat |Amazon | +|Andrew Wells |andrewmwells-amazon | Amazon| +|Shaobo He |shaobo-he-aws |Amazon | +|Aaron Eline |aaronjeline |Amazon | +|Craig Disselkoen |cdisselkoen |Amazon | +|John Kastner |john-h-kastner-aws |Amazon | +|Kesha Hietala |khieta |Amazon | +|Matt McCutchen |mattmccutchen-amazon |Amazon | +|Dave Bishop |bisdavid |Amazon | diff --git a/README.md b/README.md new file mode 100644 index 0000000..c0e47fa --- /dev/null +++ b/README.md @@ -0,0 +1,69 @@ +# README.md + +![Cedar Green Logo](cedar_1_green.png "Cedar Logo") + +## Welcome! + +**Cedar** is an open source policy language and evaluation engine. Cedar enables developers to express fine-grained permissions as easy-to-understand policies enforced in their applications, and decouple access control from application logic. Cedar supports common authorization models such as role-based access control and attribute-based access control. It is the first policy language built from the ground up to be verified formally by using automated reasoning, and tested rigorously using differential random testing. + + +## Project Resources + +* [Project Website](https://www.cedarpolicy.com/) +* [Documentation](https://docs.cedarpolicy.com/) +* Need help? Try [Slack]([https://cedar-policy.slack.com](https://cedar-policy.slack.com/)) + +## Repositories + +* cedar (https://github.com/cedar-policy/cedar) + +The cedar repository houses the Cedar SDK including the authorization engine, validator, policy formatter, and CLI. + +* cedar-docs (https://github.com/cedar-policy/cedar-docs) + +The cedar-docs repository houses documentation for all cedar projects. + +* cedar-examples (https://github.com/cedar-policy/cedar-examples) + +The cedar-examples repository houses example applications using the Cedar language and SDK + +* cedar-java (https://github.com/cedar-policy/cedar-java) + +The cedar-java repository houses the Java language bindings for Cedar. + +* cedar-spec (https://github.com/cedar-policy/cedar-spec) + +The cedar-spec repository houses the formal Dafny specification for the Cedar language as well as the differential testing/property-based testing framework. + +## Code of Conduct + +This project has adopted the [Amazon Open Source Code of Conduct](../CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. + + +## Security + +If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do **not** create a public GitHub issue. + + +## License + +This project is licensed under the [Apache v2.0 License](LICENSE.txt). + + +## Copyright + +Copyright OpenSearch Contributors. See [NOTICE](NOTICE.txt) for details. + + +## Trademark + +Cedar is a registered trademark of Amazon Web Services. If publishing software using Cedar, you are not required to attribute. However, if you’d like to, we encourage you to use the language below. + + +|Do: |Don't: | +|--- |--- | +|✅ Powered by Cedar |❌ Cedar 2.0 | +|✅ Created with Cedar |❌ Created by Cedar | +|✅ Using Cedar |❌ Software created by Cedar | + + diff --git a/RESPONSIBILITIES.md b/RESPONSIBILITIES.md new file mode 100644 index 0000000..4c89d26 --- /dev/null +++ b/RESPONSIBILITIES.md @@ -0,0 +1,30 @@ +# RESPONSIBILITIES.md + +## Overview + +This document explains who maintainers are, what they do, and how they should be doing it. If you're interested in contributing, see [CONTRIBUTING](https://github.com/opensearch-project/.github/blob/main/CONTRIBUTING.md). + +## Current Maintainers + +MAINTAINERS.md lists current maintainers. + +## Maintainer Responsibilities + +Maintainers are active and visible members of the community, and have [maintain-level permissions on a repository](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization). Use those privileges to serve the community and evolve code as follows. + +* Uphold Code of Conduct +* Model the behavior set forward by the Code of Conduct and raise any violations to other maintainers and admins. +* Prioritize Security +* Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs. Note that this repository is monitored and supported 24/7 by Amazon Security, see [Reporting a Vulnerability](https://github.com/opensearch-project/.github/blob/main/SECURITY.md) for details. +* Review pull requests regularly, comment, suggest, reject, merge and close. Accept only high quality pull-requests. +* Provide code reviews and guidance on incoming pull requests. Don't let PRs be stale and do your best to be helpful to contributors. +* Triage Open Issues +* Manage labels, review issues regularly, and triage by labelling them. +* Be Responsive +* Respond to enhancement requests, and forum posts. Allocate time to reviewing and commenting on issues and conversations as they come in. +* Maintain Overall Health of the Repo +* Keep the `main` branch at production quality at all times. Backport features as needed. Cut release branches and tags to enable future patches. +* Keep Dependencies up to Date +* Assist, add, and remove MAINTAINERS. +* Make sure the repo has a well-written, accurate, and complete description. + diff --git a/cedar_1_green.png b/cedar_1_green.png new file mode 100644 index 0000000000000000000000000000000000000000..379f3fa58156ce3c7fed1ea99080adc352bcb33f GIT binary patch literal 8564 zcmXY1c|6nqAD>hzxxYouqEO0`N{-D9z+%}Z^ocp%q z*qqC3G;Dq!`u(we-h01apV#a4e!gC>=lk{fJQituSC`|2;0X{2#G!Xv>plp?vJH%9 zj~xZR-D`(SfXngcw;%a{KuIT*ykJ?KGI}mNl0Ldla5c^}Ipx%7b=kA<(@|?ZH#6-|b5Q{gPN`GQDY_L` zmAUGR)4~TYCWI{$<1a!)&4S&E*ir_%Y7G>Wqx*!)bgHQqgh> zwOh6PW<8F{AP~2rgut`)?GeJM#get1=Z<2dW)Tq3S^uz*uyZIdHyor!J;vZ>)558( zuz>DKP+6nT&<|nQKw43Fviy@d_9jsf_XUmm&T|sBXE#AFN!;7Gi~ok7xnb+4|H)?4 zvbKc(4YP)_xc)mBnv|4has8V$DNM)$U!)wd;{ts)Sk|!hKG16%Y5E5Dsf{1-C)2n1 zcyRMSe+n#kwr`6cSnIzIrJ}SCT+4O#B}v2ty&7c&y>@jYNg#t7o0-}%j67hAYT_Iw z@omZl!U^(+Kx$`W*n?xl3HA2rzhz7X6tn&V z5A}%?f)e`&^~qE2q{vV0N`4uVB)F|50LvRkplPv z{)dFy)%y{?X z^)m6|4XPHd{~#XUZ$ASx-8;yN%nNspLr};|2b;LUtwPm;b{q&@x5DEql_+94?2avy ziGO+EAm^`Iho1S&`9$X2=PFQi@dzl%DFA^4rEZff#RBtXk_XuUJ8vnXFmb{+ihqTq z>2MAdi2n8WBY;c62&(3e)V8DbQs^kF+RqoM(YkYN1I|6wFP3Vha-bhG*+3jK7pPhx z*Z0$?V-Rp~_8gFsmkjoSIRi{ePh^NIXv7SN$oXDz~TTRqdM*Y@l1Wf~&+kzAAlqAcV=UQ-*8_T!^~3HSxOp55P4 z%VrLD_DiAP9GDB`fdkes%2yAZFnH&jZq;0ggn*h{oPlUQjer1K72r4tL8%Jc z?Tg$r3IhTgKFS9NMYLxCAyYjNF<$|uceD@gJj)eKgu(hF=(m^7|K5ifP*FJVI^{Z- zlzZ2O8$i&X23J*CFEJ>naGmWwivduZ4Q1e-Dj=eY*i#oyrGP#7>DJ$?) z$mMi7P1lIBM;`}e-q#aFmSCkZMb7}SXl(g|ULz35KuT4oo?=>I=iY=V4Fne6VZ+I1 zK#yVYo@}y}ep0j?|9MG{$X$;ZbPP}%X9bPEMDssf5fY$l*xT<iEM`pkigOYf*PN|Jbh*_cQT@{1S}bjgr~}j|wOAhf?#a?18=QiR+tw89?w0QS#6H1Sd1>-VYKYt6QM{iR{dMJi>_xP0_M1x3&RTx@^0Vc-c{W$1l|^^{O7Kg zC`hnTpOl^j7!9wGp)B&D2U``*_g%XFwi2(*7)6|0v%8`*Osi@@yIz&;{4ZknWgCB8 zvklI1N=#}2CwjW7%3Ep2hXr)~b&@?bi<{1aA~c)VQfG2|JL>z-g3iKhbg57t`note z)%z(I$hkxsNMfmo1CBi!AxqU_a{uEb=)E^U>hc`0`UfZYw<5#N~(JH|jQ>2tEeN^m-kJqoD!}%4Bb7tgvJz*O6;Bow$o|1}XIjH(j!j~pX95A|#bN+*DZJ(fl=zGNpIRY{Uho8V6wZYNDZLJF*%@v1W$q!G_HAHt1mi42{Bl>{tx00OLs5);{ z>44%0K(c>|_OyZ1cmAU^Rcl&opU8ghQx6khR5fSEG-aMZ6xTG&ls8qt-i;}RuGth? zpPxggn_n9qcA-CFz`#qXxm@62Nzls|BDX$CQN%}#_IxlcIJ>6Z+u;QAQg{ZP$-d{y z;72pk|2FJXTSprZI20O7yMeLmIj;ll=SAbWf;ASFaC~ zYwd+ZM7sC3SkN}lF$l(+(nFx!L)Fy~K zTM7U#K$rRJxVK;xUy}`hn3jvtK0Ttq|6%r+8+&u$JyNcOw<`l@5CtF`Gzws>YBk3m zxT0-CO3~fhDCbAxjQ-D#5ENRLQX6F70;Q2}Y^q9a+A+&pm}USkUrI<@sd^=iN?Me# zy(L%6=xS~0z{of)G=-<`xd*ok`rLETs<+uP_dg6WF3|GyDYiLDTrI60VhPs9eU;hl zeaGb&jg>2h*|4ZdoDu2EcWm*v4f!k5UeDMWw}b1seMJ$sLnSu-f@{6}hkE0x{VZj- zveAAMpZrl39-%D|xft9;Ih{eZm&uoBc_}alwnca|-}KV3 zfsv_OZOf@!G%kq5xkv4yDh{>@{w>T091MM4Ob=VZd0k$N^%Xx+x8+!e>IomgZQ^xm zO{@L_)o1Y~0arjE7;-T3pbGVPyyp^Qt%h8^)@>fpm~@80S9x6Z<SOWylFA??8EHewkj#M9=icAR`048V_*nHTiA7 z0Gi0u=Xl*G^{wZu@#q-1E|n1f7r|NG+5!Eq+G@t0k3vwmv#v5md$rpT_z2nBQ-9<4 zC_JhzRXBj!C%>KI+7T6$Wr#sur^x@gbh5-p=Fd(&k`@OtrPu zY}F12ob0hx^{7GCNZp`~2O6ZIIEzPn#N{K;$m; z@&5r&S^|*0WwP&oL*;c1hY5B(MM767XPJNZ{%qIxBYI77>qX~+y0?6!5nn_*9x7fE zlHv1cqW=nEY9pBC)#}XP?EiY>aR!q<7y5`DiBL1g?u9ktJE4<*WA`#*QjXb^Z%{nE zCs#J*$;)7)JEz9EcaBM*k-w0Vc{`b@OI$-c+q*XJPb|J&D16Io72J){_Y9GRQuksy zP2KE!e6N~{<$G+cbWDuB+8V;wvKt1UUni~h@%Wh8){&h_Bed$I>Sg7LW7&J?5atz; z!;Bt|*Ciygza?SWx<6I|gHM`v2#|iYf?>u=8-n`m34^``VLY1Mke1+B%Os zprS|NJoi=@y39U#v8{k!)BJV}QjX#gu$CyS?-(zpeOet-;VHWuZ>3B3U+TlYWroFy zt0uhd>zkJm+%6AYt9;?k^dAy>&Q?~I2i7vvTpLpS!hC}K=HZziwv`JdBA4rfAKZyU zE@&^%oSJ$Q{hYDHjzXwe$YO@f1hQt6A|O=v^Zbr#Cb)ljt=VGl6F66?JG##PJfy|} zI=rjF(Wjsxs8;Py7?~XX#BFU5X2|rj0*^cSj&# z1o6H`!AYyeOv{C*!Niuzh+erT!}wJ@@+x48y~?DaTO)w)Pfip1lzn$65vH0ikQ7VV z5eiR=7PUa1-)#SElqd`@&Bqs1tK`V(;C|Wdecn0*&iEj>b6aY|$#zZYu@jnmV2ua2SeCsnL*AsKC zTF!@soba%lv0dbwZ}zf7JSL?#V75d9TL+(b-$fhF9a+EZykZYAVx}lJcUi?%A={C| z@M-_iH-x*xbIb5L1hd8K;?D&iSWrl3&qMj-djW(E6?99T9Ai}M&#l-~Fe&4eP%Tl2 zx}DhiyMU$WVwaf1NMGN1$65L6lH6@fy>W+}n}Seq-Y0bwPvuv>-i<}!<<^i8la*FZ z?5yIZ7VfZ(z1T)sg;I(qeu%Qrbvb+crcb_2qSr}FE}t{l1V4+Zc*LH37jEm9IZlXh zlHi;oO^wYT<)iZkMg~tx1QMeM1CtmbEgz~?z`th?eQ8~OaNJ>$NLaEp&nz1i9P{UM znrRH8_Yd1bIG6Z_*;_;24YdlGnUHZETp}T^f57 zz=2~EGne5db&H12gY0JA3-QYKfQPzIzl@Gtpv2j7c&Mkei)14M8l^rowxODKGSW{Z zVnyE0KWALi$*7BM7|aUbi~t_;@NJ_b(v;xok#i9(r?Whj?N?oKNP9EP%Iek2;mgT# z z$Gark$;T~>wpw8mt`BF*Dt~?zF0ox(pZvxXprx{`Yo}){8xTeI#|OdXaN|B%9UcbF-3Wyfyu;a@2aF; z$NTmko|_91z4?sF3o1^V9!-H<5aU7#7G0`RoY;T#sq26Bqed2NIsIX1xq|QUQOn!v zNW?|nTIb67=}eHc&7;bHei)J zS7_2bUOul-)|tKb3GR2A)_orjQ5K)(oT+l~q#4rkhgL@{&$>KZY8!VmnM?2VbXx09 zIr_q|a#B{%m3ilf``ObQO4qj7HIOj<*Q+(Xrqf+zm^J!sE_l~%=>kA^XASX_gurbv zA%3_5_*oA%QFgOu#EPSGWffaY&GlRB>#zw1U2gO0nG1U zz!&*GtG{mqD$JpgZl*VjM=g23-2(C@?_uXmjWu0TF2I-1%W&5x+^PRJf0!uEF%|Kq zl9QkDnJslMNsoKV{7dav)bQ* zv~4lpXziDrps$u3{tCBY%VJZ(7gNCJ-(#eX9Fk}PB#hU-f4zAn9Dcsufma}lE$Em} zT6g!0`YSKFysp5NPj=26RU@%*ncj6O@+hzhtm9-3D)>!EQZgP3Cx_kZxWSWsUiOEuVDY#?YuB z1h}(q%^^^C*9S#NKHDV+1Lc-kFDDKJn;D;|TyaOZ5qG}V7zA+DI~CJ{4PWbk!)y5h zC0egj>famtThmcIkeB_B;xCg@m%tVShdjnCz2FY9DJCjqEz=3BL43dS)(X~ZTM(X# zlXtynC}MZoI8td7vosdZm;EqP$d%r+`RPKv755_QeRMxFfWJA2E=BpUoTXLeYcdp*$w76v>OcU^%O zdD?71cKSq7y|Ui}+!Mln%2eNdfGm_6}gdk@PUePzoIk$ooQ8S@;U2^H=%PakFhwimm#GR(@H0ce#FNRg%FQgl zR|d_cQn9_{uc5j-50S^xWO=cb$ez@@5HQ+mj>Tr{_3+JRbxl3%3l{FFw4CjIT($hu8q&UH{ z1;L{4zL40R&evIKSq3PUEJlzEV{dZ`i`aPsK#!IAI1XQq@SN}tNUNolR)&}<+&tY> zw0~&K(vzjrJyxE29}5%x)1Yk=ey^1}70^t;^c6*o)Z;KgOP;xRhCdD^D5$E+pe*X3 zo`)e=GwP9bPoKfSak%eBKjFg}MJXr{-jTf}IPLM%3E!UJ_tV~HC({mRvF+aW`_IqP zcJBVHjI!?hYi2$BN})-?1Vh7^9q=o77N}SZ5WW|4IBpR}@0|Lk^0}{-!fS=!A9~t5 zsY|960jwqFm@A=vnnsdco_;+P;XjjoqD5H1;2*Ki%W;#V&%k>lYrl6SLL`|OVGpQT zqZM9Lz%^d@$Kz|Fzg~$VgVcX~8RqcMyw4feR(yO8Qyu?>=v`SraVn6S(4dr196y2BKP~gXb*Yx_1?Qjha8FFEVDE_&z$Y)!=Ju7@jrc zD_kTGA!CgPWOy0gRg9>eFb-@RMo)(pChC`T+!$lcKD4V`pw_UjgzjC%!p||@`B5xd zxloGQ@IeV%ykvs6@W>LZbr@jg+#tKfJ(VE;O2isk_`IpKQ=D}6tF76UQ5yHxZ<3xD(}&a*mFI;l9#>Ryu8>?DR7&cItE#Cw?w@E zp%OL4<#cIQSnwlN$>2X3r5N#_qTK=D07_nJ#y^3 zfYsOKlx*W{IxcI1TOBZEx(h@?ziTnIv!)NG{==*Efya%WqHLi4?s-lK{!r`v-E^MV zL%4-|vDn=kKArC~TP5JC$voS7Z5EoqyXZQ1+-I=vGS`a!{dxPxT~XW3z{_yjB(ryc zc)j`%*5QFN!{Eq12_%4qnG0ORLYuKB(>J z(*!JaD_h7{Y*On4kWYVEY|J2Xy zonGLKis%rR7OC%W^7RkN$Ll<9esYR=B(~k|e;GKP(>iC??vLLIM1uY0|HOxhmglQ# z1>|J8iAR$rx;wJhjKYJgIal-}){&mEGyB96#18&xM$FcqH zHPh(3Gtfr2UeakEt5v$kJudGze8=i#478hIq%djy3(C(6K@X&+y0~ z#Yqjlc*YIV}vx2I?_+9 z7t7o)*Q4I3mV}$f2zQgMv|3Gkc+w+)6G^AINiUEU?5|1cJ4W|1n8>lG#Y{YJJp7%a zpc}KW5k*q@UNHE}it-26Inz?|9gvmv|Jm`v`J_Ujf_#iQ8LnwNS9)UHMKcNI@L-d2?M5n#89vJqr~P)LEv%XL&g1!Z)7`#FwvM99a_5U;yYYswBKUO3%L|e z48g+Q);dtWQ)lYp9MIDMJo-S09O=Z6Im+e!uk#)4T*OKn53VGMVZSXf`C(uL*`T$#LD))=AiS8%FRijRS8euHq zs#DzHV@0cc)r+3;_@lixwTaCasLsL);{9SdHO(Osh%B+PJVn7y4j=FY+vWsY%v^wQ zwJcP)Pv+8gkS?fi6a zGOTjKe*#w%q-2@)l(m<%o~|bIV{yP38u!wGTp@XG-wP?iFFoJT{OE6C+u1M;WJ`zc zCfy^b_R{_N=B9A(?CMh@-8}ReyIq{2z0{u?x$UJa|M)GJBT6jSUSsf9@_hISt;}PHkpFJXr|Hi4|x{z+AX(s0If@JpC^a-!hj#;#(SS4XxOBT5epO0W-r_QQM2xT+ZvXDRT zF<{Y*5@PFz#>xfC7l^Xs1ujACf-rXSN+4j5K))s7pRVw-|1}?*>Y-HgQ;@WGFxh4YLvvI zkJHDfpu+x9ysct)Kqx|P}Ov_48Xx>1On)Kc= Z7U~)vihe=@{v-j?)4r=!qVf3k{{T?LZ(aZZ literal 0 HcmV?d00001 From ae8bdaeff40c8bee5ef405481c68f4074661204c Mon Sep 17 00:00:00 2001 From: Neil Zhao <95498458+neilzhao-aws@users.noreply.github.com> Date: Wed, 10 May 2023 10:13:12 -0400 Subject: [PATCH 5/7] Revert "feat: ceder launch" --- GOVERNANCE.md | 33 --------------------- MAINTAINERS.md | 25 ---------------- README.md | 69 -------------------------------------------- RESPONSIBILITIES.md | 30 ------------------- cedar_1_green.png | Bin 8564 -> 0 bytes 5 files changed, 157 deletions(-) delete mode 100644 GOVERNANCE.md delete mode 100644 MAINTAINERS.md delete mode 100644 README.md delete mode 100644 RESPONSIBILITIES.md delete mode 100644 cedar_1_green.png diff --git a/GOVERNANCE.md b/GOVERNANCE.md deleted file mode 100644 index 337262d..0000000 --- a/GOVERNANCE.md +++ /dev/null @@ -1,33 +0,0 @@ -# GOVERNANCE.md - -This open source project is managed by a Steering Committee composed of the maintainers of this project. Maintainers are defined as individuals with full commit access to the project repositories. - -## Steering Committee - -The Steering Committee will be responsible for oversight of all technical, project, approval, and policy matters for the project. This notably includes brand and trademark management. - -The Steering Committee members are listed in the MAINTAINERS.md file in the repository. New maintainers (and accordingly, Steering Committee members) may be added or removed by no less than 3/4 affirmative vote of the Steering Committee. The Steering Committee will appoint a Chair responsible for organizing Steering Committee activity. If the Steering Committee Chair is removed from the Committee (or the Chair steps down from that role), it is the responsibility of the Steering Committee to appoint a new Chair. - - -The Steering Committee may, at its discretion, add or remove members who are not maintainers. - -## Voting - -The Steering Committee will strive for all decisions to be made by consensus. While explicit agreement of the entire Steering Committee is preferred, it is not required for consensus. Rather, the Steering Committee will determine consensus based on their good faith consideration of a number of factors, including the dominant view of the Steering Committee and nature of support and objections. The Steering Committee will document evidence of consensus in accordance with these requirements. If consensus cannot be reached, the Steering Committee will make the decision by a vote. - -The Steering Committee Chair will call a vote with reasonable notice to the Steering Committee, setting out a discussion period and a separate voting period. Any discussion may be conducted in person or electronically by text, voice, or video. The discussion will be open to the public, with the notable exception of discussions involving embargoed security issues or the addition or removal of maintainers, which will be private. In any vote, each voting representative will have one vote. Except as specifically noted elsewhere in this document, decisions by vote require a simple majority vote of all voting members. - - - -## Termination of Membership - -A maintainer’s access (and accordingly, their position on the Steering Committee) will be removed if any of the following occur: - -* Resignation: Written notice of resignation to the Steering Committee -* Steering Committee Vote: 3/4 affirmative vote of the Steering Committee to remove a member -* Unreachable Member: If a member is unresponsive for more than six months, the remaining active members of the Steering Committee may vote to remove the member - -## License of this document - -This document is a modified work of the GitHub Minimal Viable Governance model, located here: https://github.com/github/MVG/ -This document may be used, modified, and/or distributed under the terms of the [Creative Commons Attribution 4.0 International (CC-BY) license](https://creativecommons.org/licenses/by/4.0/legalcode). diff --git a/MAINTAINERS.md b/MAINTAINERS.md deleted file mode 100644 index 0dffb09..0000000 --- a/MAINTAINERS.md +++ /dev/null @@ -1,25 +0,0 @@ -# MAINTAINERS.md - -## Overview - -This document contains a list of maintainers in this repo. See [RESPONSIBILITIES.md](https://github.com/opensearch-project/.github/blob/main/RESPONSIBILITIES.md#maintainer-responsibilities) that explains what the role of maintainer means, what maintainers do in this and other repos, and how they should be doing it. If you're interested in contributing, and becoming a maintainer, see CONTRIBUTING.md. - -## Current Maintainers - -|Maintainer |GitHub ID |Affiliation | -|--- |--- |--- | -|Neha Rungta |neharungta |Amazon | -|Mark Stalzer |mstalzer |Amazon | -|Sarah Cecchetti |sarahcec |Amazon | -|Darin McAdams|D-McAdams |Amazon | -|Emina Torlak |emina |Amazon | -|Mike Hicks | mwhicks1|Amazon | -|Anwar Mamat |anwarmamat |Amazon | -|Andrew Wells |andrewmwells-amazon | Amazon| -|Shaobo He |shaobo-he-aws |Amazon | -|Aaron Eline |aaronjeline |Amazon | -|Craig Disselkoen |cdisselkoen |Amazon | -|John Kastner |john-h-kastner-aws |Amazon | -|Kesha Hietala |khieta |Amazon | -|Matt McCutchen |mattmccutchen-amazon |Amazon | -|Dave Bishop |bisdavid |Amazon | diff --git a/README.md b/README.md deleted file mode 100644 index c0e47fa..0000000 --- a/README.md +++ /dev/null @@ -1,69 +0,0 @@ -# README.md - -![Cedar Green Logo](cedar_1_green.png "Cedar Logo") - -## Welcome! - -**Cedar** is an open source policy language and evaluation engine. Cedar enables developers to express fine-grained permissions as easy-to-understand policies enforced in their applications, and decouple access control from application logic. Cedar supports common authorization models such as role-based access control and attribute-based access control. It is the first policy language built from the ground up to be verified formally by using automated reasoning, and tested rigorously using differential random testing. - - -## Project Resources - -* [Project Website](https://www.cedarpolicy.com/) -* [Documentation](https://docs.cedarpolicy.com/) -* Need help? Try [Slack]([https://cedar-policy.slack.com](https://cedar-policy.slack.com/)) - -## Repositories - -* cedar (https://github.com/cedar-policy/cedar) - -The cedar repository houses the Cedar SDK including the authorization engine, validator, policy formatter, and CLI. - -* cedar-docs (https://github.com/cedar-policy/cedar-docs) - -The cedar-docs repository houses documentation for all cedar projects. - -* cedar-examples (https://github.com/cedar-policy/cedar-examples) - -The cedar-examples repository houses example applications using the Cedar language and SDK - -* cedar-java (https://github.com/cedar-policy/cedar-java) - -The cedar-java repository houses the Java language bindings for Cedar. - -* cedar-spec (https://github.com/cedar-policy/cedar-spec) - -The cedar-spec repository houses the formal Dafny specification for the Cedar language as well as the differential testing/property-based testing framework. - -## Code of Conduct - -This project has adopted the [Amazon Open Source Code of Conduct](../CODE_OF_CONDUCT.md). For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq), or contact [opensource-codeofconduct@amazon.com](mailto:opensource-codeofconduct@amazon.com) with any additional questions or comments. - - -## Security - -If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) or directly via email to [aws-security@amazon.com](mailto:aws-security@amazon.com). Please do **not** create a public GitHub issue. - - -## License - -This project is licensed under the [Apache v2.0 License](LICENSE.txt). - - -## Copyright - -Copyright OpenSearch Contributors. See [NOTICE](NOTICE.txt) for details. - - -## Trademark - -Cedar is a registered trademark of Amazon Web Services. If publishing software using Cedar, you are not required to attribute. However, if you’d like to, we encourage you to use the language below. - - -|Do: |Don't: | -|--- |--- | -|✅ Powered by Cedar |❌ Cedar 2.0 | -|✅ Created with Cedar |❌ Created by Cedar | -|✅ Using Cedar |❌ Software created by Cedar | - - diff --git a/RESPONSIBILITIES.md b/RESPONSIBILITIES.md deleted file mode 100644 index 4c89d26..0000000 --- a/RESPONSIBILITIES.md +++ /dev/null @@ -1,30 +0,0 @@ -# RESPONSIBILITIES.md - -## Overview - -This document explains who maintainers are, what they do, and how they should be doing it. If you're interested in contributing, see [CONTRIBUTING](https://github.com/opensearch-project/.github/blob/main/CONTRIBUTING.md). - -## Current Maintainers - -MAINTAINERS.md lists current maintainers. - -## Maintainer Responsibilities - -Maintainers are active and visible members of the community, and have [maintain-level permissions on a repository](https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-permission-levels-for-an-organization). Use those privileges to serve the community and evolve code as follows. - -* Uphold Code of Conduct -* Model the behavior set forward by the Code of Conduct and raise any violations to other maintainers and admins. -* Prioritize Security -* Security is your number one priority. Maintainer's Github keys must be password protected securely and any reported security vulnerabilities are addressed before features or bugs. Note that this repository is monitored and supported 24/7 by Amazon Security, see [Reporting a Vulnerability](https://github.com/opensearch-project/.github/blob/main/SECURITY.md) for details. -* Review pull requests regularly, comment, suggest, reject, merge and close. Accept only high quality pull-requests. -* Provide code reviews and guidance on incoming pull requests. Don't let PRs be stale and do your best to be helpful to contributors. -* Triage Open Issues -* Manage labels, review issues regularly, and triage by labelling them. -* Be Responsive -* Respond to enhancement requests, and forum posts. Allocate time to reviewing and commenting on issues and conversations as they come in. -* Maintain Overall Health of the Repo -* Keep the `main` branch at production quality at all times. Backport features as needed. Cut release branches and tags to enable future patches. -* Keep Dependencies up to Date -* Assist, add, and remove MAINTAINERS. -* Make sure the repo has a well-written, accurate, and complete description. - diff --git a/cedar_1_green.png b/cedar_1_green.png deleted file mode 100644 index 379f3fa58156ce3c7fed1ea99080adc352bcb33f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 8564 zcmXY1c|6nqAD>hzxxYouqEO0`N{-D9z+%}Z^ocp%q z*qqC3G;Dq!`u(we-h01apV#a4e!gC>=lk{fJQituSC`|2;0X{2#G!Xv>plp?vJH%9 zj~xZR-D`(SfXngcw;%a{KuIT*ykJ?KGI}mNl0Ldla5c^}Ipx%7b=kA<(@|?ZH#6-|b5Q{gPN`GQDY_L` zmAUGR)4~TYCWI{$<1a!)&4S&E*ir_%Y7G>Wqx*!)bgHQqgh> zwOh6PW<8F{AP~2rgut`)?GeJM#get1=Z<2dW)Tq3S^uz*uyZIdHyor!J;vZ>)558( zuz>DKP+6nT&<|nQKw43Fviy@d_9jsf_XUmm&T|sBXE#AFN!;7Gi~ok7xnb+4|H)?4 zvbKc(4YP)_xc)mBnv|4has8V$DNM)$U!)wd;{ts)Sk|!hKG16%Y5E5Dsf{1-C)2n1 zcyRMSe+n#kwr`6cSnIzIrJ}SCT+4O#B}v2ty&7c&y>@jYNg#t7o0-}%j67hAYT_Iw z@omZl!U^(+Kx$`W*n?xl3HA2rzhz7X6tn&V z5A}%?f)e`&^~qE2q{vV0N`4uVB)F|50LvRkplPv z{)dFy)%y{?X z^)m6|4XPHd{~#XUZ$ASx-8;yN%nNspLr};|2b;LUtwPm;b{q&@x5DEql_+94?2avy ziGO+EAm^`Iho1S&`9$X2=PFQi@dzl%DFA^4rEZff#RBtXk_XuUJ8vnXFmb{+ihqTq z>2MAdi2n8WBY;c62&(3e)V8DbQs^kF+RqoM(YkYN1I|6wFP3Vha-bhG*+3jK7pPhx z*Z0$?V-Rp~_8gFsmkjoSIRi{ePh^NIXv7SN$oXDz~TTRqdM*Y@l1Wf~&+kzAAlqAcV=UQ-*8_T!^~3HSxOp55P4 z%VrLD_DiAP9GDB`fdkes%2yAZFnH&jZq;0ggn*h{oPlUQjer1K72r4tL8%Jc z?Tg$r3IhTgKFS9NMYLxCAyYjNF<$|uceD@gJj)eKgu(hF=(m^7|K5ifP*FJVI^{Z- zlzZ2O8$i&X23J*CFEJ>naGmWwivduZ4Q1e-Dj=eY*i#oyrGP#7>DJ$?) z$mMi7P1lIBM;`}e-q#aFmSCkZMb7}SXl(g|ULz35KuT4oo?=>I=iY=V4Fne6VZ+I1 zK#yVYo@}y}ep0j?|9MG{$X$;ZbPP}%X9bPEMDssf5fY$l*xT<iEM`pkigOYf*PN|Jbh*_cQT@{1S}bjgr~}j|wOAhf?#a?18=QiR+tw89?w0QS#6H1Sd1>-VYKYt6QM{iR{dMJi>_xP0_M1x3&RTx@^0Vc-c{W$1l|^^{O7Kg zC`hnTpOl^j7!9wGp)B&D2U``*_g%XFwi2(*7)6|0v%8`*Osi@@yIz&;{4ZknWgCB8 zvklI1N=#}2CwjW7%3Ep2hXr)~b&@?bi<{1aA~c)VQfG2|JL>z-g3iKhbg57t`note z)%z(I$hkxsNMfmo1CBi!AxqU_a{uEb=)E^U>hc`0`UfZYw<5#N~(JH|jQ>2tEeN^m-kJqoD!}%4Bb7tgvJz*O6;Bow$o|1}XIjH(j!j~pX95A|#bN+*DZJ(fl=zGNpIRY{Uho8V6wZYNDZLJF*%@v1W$q!G_HAHt1mi42{Bl>{tx00OLs5);{ z>44%0K(c>|_OyZ1cmAU^Rcl&opU8ghQx6khR5fSEG-aMZ6xTG&ls8qt-i;}RuGth? zpPxggn_n9qcA-CFz`#qXxm@62Nzls|BDX$CQN%}#_IxlcIJ>6Z+u;QAQg{ZP$-d{y z;72pk|2FJXTSprZI20O7yMeLmIj;ll=SAbWf;ASFaC~ zYwd+ZM7sC3SkN}lF$l(+(nFx!L)Fy~K zTM7U#K$rRJxVK;xUy}`hn3jvtK0Ttq|6%r+8+&u$JyNcOw<`l@5CtF`Gzws>YBk3m zxT0-CO3~fhDCbAxjQ-D#5ENRLQX6F70;Q2}Y^q9a+A+&pm}USkUrI<@sd^=iN?Me# zy(L%6=xS~0z{of)G=-<`xd*ok`rLETs<+uP_dg6WF3|GyDYiLDTrI60VhPs9eU;hl zeaGb&jg>2h*|4ZdoDu2EcWm*v4f!k5UeDMWw}b1seMJ$sLnSu-f@{6}hkE0x{VZj- zveAAMpZrl39-%D|xft9;Ih{eZm&uoBc_}alwnca|-}KV3 zfsv_OZOf@!G%kq5xkv4yDh{>@{w>T091MM4Ob=VZd0k$N^%Xx+x8+!e>IomgZQ^xm zO{@L_)o1Y~0arjE7;-T3pbGVPyyp^Qt%h8^)@>fpm~@80S9x6Z<SOWylFA??8EHewkj#M9=icAR`048V_*nHTiA7 z0Gi0u=Xl*G^{wZu@#q-1E|n1f7r|NG+5!Eq+G@t0k3vwmv#v5md$rpT_z2nBQ-9<4 zC_JhzRXBj!C%>KI+7T6$Wr#sur^x@gbh5-p=Fd(&k`@OtrPu zY}F12ob0hx^{7GCNZp`~2O6ZIIEzPn#N{K;$m; z@&5r&S^|*0WwP&oL*;c1hY5B(MM767XPJNZ{%qIxBYI77>qX~+y0?6!5nn_*9x7fE zlHv1cqW=nEY9pBC)#}XP?EiY>aR!q<7y5`DiBL1g?u9ktJE4<*WA`#*QjXb^Z%{nE zCs#J*$;)7)JEz9EcaBM*k-w0Vc{`b@OI$-c+q*XJPb|J&D16Io72J){_Y9GRQuksy zP2KE!e6N~{<$G+cbWDuB+8V;wvKt1UUni~h@%Wh8){&h_Bed$I>Sg7LW7&J?5atz; z!;Bt|*Ciygza?SWx<6I|gHM`v2#|iYf?>u=8-n`m34^``VLY1Mke1+B%Os zprS|NJoi=@y39U#v8{k!)BJV}QjX#gu$CyS?-(zpeOet-;VHWuZ>3B3U+TlYWroFy zt0uhd>zkJm+%6AYt9;?k^dAy>&Q?~I2i7vvTpLpS!hC}K=HZziwv`JdBA4rfAKZyU zE@&^%oSJ$Q{hYDHjzXwe$YO@f1hQt6A|O=v^Zbr#Cb)ljt=VGl6F66?JG##PJfy|} zI=rjF(Wjsxs8;Py7?~XX#BFU5X2|rj0*^cSj&# z1o6H`!AYyeOv{C*!Niuzh+erT!}wJ@@+x48y~?DaTO)w)Pfip1lzn$65vH0ikQ7VV z5eiR=7PUa1-)#SElqd`@&Bqs1tK`V(;C|Wdecn0*&iEj>b6aY|$#zZYu@jnmV2ua2SeCsnL*AsKC zTF!@soba%lv0dbwZ}zf7JSL?#V75d9TL+(b-$fhF9a+EZykZYAVx}lJcUi?%A={C| z@M-_iH-x*xbIb5L1hd8K;?D&iSWrl3&qMj-djW(E6?99T9Ai}M&#l-~Fe&4eP%Tl2 zx}DhiyMU$WVwaf1NMGN1$65L6lH6@fy>W+}n}Seq-Y0bwPvuv>-i<}!<<^i8la*FZ z?5yIZ7VfZ(z1T)sg;I(qeu%Qrbvb+crcb_2qSr}FE}t{l1V4+Zc*LH37jEm9IZlXh zlHi;oO^wYT<)iZkMg~tx1QMeM1CtmbEgz~?z`th?eQ8~OaNJ>$NLaEp&nz1i9P{UM znrRH8_Yd1bIG6Z_*;_;24YdlGnUHZETp}T^f57 zz=2~EGne5db&H12gY0JA3-QYKfQPzIzl@Gtpv2j7c&Mkei)14M8l^rowxODKGSW{Z zVnyE0KWALi$*7BM7|aUbi~t_;@NJ_b(v;xok#i9(r?Whj?N?oKNP9EP%Iek2;mgT# z z$Gark$;T~>wpw8mt`BF*Dt~?zF0ox(pZvxXprx{`Yo}){8xTeI#|OdXaN|B%9UcbF-3Wyfyu;a@2aF; z$NTmko|_91z4?sF3o1^V9!-H<5aU7#7G0`RoY;T#sq26Bqed2NIsIX1xq|QUQOn!v zNW?|nTIb67=}eHc&7;bHei)J zS7_2bUOul-)|tKb3GR2A)_orjQ5K)(oT+l~q#4rkhgL@{&$>KZY8!VmnM?2VbXx09 zIr_q|a#B{%m3ilf``ObQO4qj7HIOj<*Q+(Xrqf+zm^J!sE_l~%=>kA^XASX_gurbv zA%3_5_*oA%QFgOu#EPSGWffaY&GlRB>#zw1U2gO0nG1U zz!&*GtG{mqD$JpgZl*VjM=g23-2(C@?_uXmjWu0TF2I-1%W&5x+^PRJf0!uEF%|Kq zl9QkDnJslMNsoKV{7dav)bQ* zv~4lpXziDrps$u3{tCBY%VJZ(7gNCJ-(#eX9Fk}PB#hU-f4zAn9Dcsufma}lE$Em} zT6g!0`YSKFysp5NPj=26RU@%*ncj6O@+hzhtm9-3D)>!EQZgP3Cx_kZxWSWsUiOEuVDY#?YuB z1h}(q%^^^C*9S#NKHDV+1Lc-kFDDKJn;D;|TyaOZ5qG}V7zA+DI~CJ{4PWbk!)y5h zC0egj>famtThmcIkeB_B;xCg@m%tVShdjnCz2FY9DJCjqEz=3BL43dS)(X~ZTM(X# zlXtynC}MZoI8td7vosdZm;EqP$d%r+`RPKv755_QeRMxFfWJA2E=BpUoTXLeYcdp*$w76v>OcU^%O zdD?71cKSq7y|Ui}+!Mln%2eNdfGm_6}gdk@PUePzoIk$ooQ8S@;U2^H=%PakFhwimm#GR(@H0ce#FNRg%FQgl zR|d_cQn9_{uc5j-50S^xWO=cb$ez@@5HQ+mj>Tr{_3+JRbxl3%3l{FFw4CjIT($hu8q&UH{ z1;L{4zL40R&evIKSq3PUEJlzEV{dZ`i`aPsK#!IAI1XQq@SN}tNUNolR)&}<+&tY> zw0~&K(vzjrJyxE29}5%x)1Yk=ey^1}70^t;^c6*o)Z;KgOP;xRhCdD^D5$E+pe*X3 zo`)e=GwP9bPoKfSak%eBKjFg}MJXr{-jTf}IPLM%3E!UJ_tV~HC({mRvF+aW`_IqP zcJBVHjI!?hYi2$BN})-?1Vh7^9q=o77N}SZ5WW|4IBpR}@0|Lk^0}{-!fS=!A9~t5 zsY|960jwqFm@A=vnnsdco_;+P;XjjoqD5H1;2*Ki%W;#V&%k>lYrl6SLL`|OVGpQT zqZM9Lz%^d@$Kz|Fzg~$VgVcX~8RqcMyw4feR(yO8Qyu?>=v`SraVn6S(4dr196y2BKP~gXb*Yx_1?Qjha8FFEVDE_&z$Y)!=Ju7@jrc zD_kTGA!CgPWOy0gRg9>eFb-@RMo)(pChC`T+!$lcKD4V`pw_UjgzjC%!p||@`B5xd zxloGQ@IeV%ykvs6@W>LZbr@jg+#tKfJ(VE;O2isk_`IpKQ=D}6tF76UQ5yHxZ<3xD(}&a*mFI;l9#>Ryu8>?DR7&cItE#Cw?w@E zp%OL4<#cIQSnwlN$>2X3r5N#_qTK=D07_nJ#y^3 zfYsOKlx*W{IxcI1TOBZEx(h@?ziTnIv!)NG{==*Efya%WqHLi4?s-lK{!r`v-E^MV zL%4-|vDn=kKArC~TP5JC$voS7Z5EoqyXZQ1+-I=vGS`a!{dxPxT~XW3z{_yjB(ryc zc)j`%*5QFN!{Eq12_%4qnG0ORLYuKB(>J z(*!JaD_h7{Y*On4kWYVEY|J2Xy zonGLKis%rR7OC%W^7RkN$Ll<9esYR=B(~k|e;GKP(>iC??vLLIM1uY0|HOxhmglQ# z1>|J8iAR$rx;wJhjKYJgIal-}){&mEGyB96#18&xM$FcqH zHPh(3Gtfr2UeakEt5v$kJudGze8=i#478hIq%djy3(C(6K@X&+y0~ z#Yqjlc*YIV}vx2I?_+9 z7t7o)*Q4I3mV}$f2zQgMv|3Gkc+w+)6G^AINiUEU?5|1cJ4W|1n8>lG#Y{YJJp7%a zpc}KW5k*q@UNHE}it-26Inz?|9gvmv|Jm`v`J_Ujf_#iQ8LnwNS9)UHMKcNI@L-d2?M5n#89vJqr~P)LEv%XL&g1!Z)7`#FwvM99a_5U;yYYswBKUO3%L|e z48g+Q);dtWQ)lYp9MIDMJo-S09O=Z6Im+e!uk#)4T*OKn53VGMVZSXf`C(uL*`T$#LD))=AiS8%FRijRS8euHq zs#DzHV@0cc)r+3;_@lixwTaCasLsL);{9SdHO(Osh%B+PJVn7y4j=FY+vWsY%v^wQ zwJcP)Pv+8gkS?fi6a zGOTjKe*#w%q-2@)l(m<%o~|bIV{yP38u!wGTp@XG-wP?iFFoJT{OE6C+u1M;WJ`zc zCfy^b_R{_N=B9A(?CMh@-8}ReyIq{2z0{u?x$UJa|M)GJBT6jSUSsf9@_hISt;}PHkpFJXr|Hi4|x{z+AX(s0If@JpC^a-!hj#;#(SS4XxOBT5epO0W-r_QQM2xT+ZvXDRT zF<{Y*5@PFz#>xfC7l^Xs1ujACf-rXSN+4j5K))s7pRVw-|1}?*>Y-HgQ;@WGFxh4YLvvI zkJHDfpu+x9ysct)Kqx|P}Ov_48Xx>1On)Kc= Z7U~)vihe=@{v-j?)4r=!qVf3k{{T?LZ(aZZ From e42bab0d62c239744cd8e5b4ed028327700a8918 Mon Sep 17 00:00:00 2001 From: Fnu Aimi Date: Fri, 18 Oct 2024 15:23:04 -0700 Subject: [PATCH 6/7] Update SECURITY.md --- SECURITY.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/SECURITY.md b/SECURITY.md index 75a3b51..929cbfa 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,11 +1,11 @@ ## Reporting Security Issues -We take all security reports seriously. -When we receive such reports, -we will investigate and subsequently address -any potential vulnerabilities as quickly as possible. -If you discover a potential security issue in this project, -please notify AWS/Amazon Security via our -[vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/) -or directly via email to [AWS Security](mailto:aws-security@amazon.com). -Please do *not* create a public GitHub issue in this project. +Amazon Web Services (AWS) is dedicated to the responsible disclosure of security vulnerabilities. + +We kindly ask that you **do not** open a public GitHub issue to report security concerns. + +Instead, please submit the issue to the AWS Vulnerability Disclosure Program via [HackerOne](https://hackerone.com/aws_vdp) or send your report via [email](mailto:aws-security@amazon.com). + +For more details, visit the [AWS Vulnerability Reporting Page](http://aws.amazon.com/security/vulnerability-reporting/). + +Thank you in advance for collaborating with us to help protect our customers. From b0b7ee0924b9d7855b30dfcbdb56d8b0fb5f0081 Mon Sep 17 00:00:00 2001 From: msw Date: Fri, 12 Jun 2026 12:26:30 -0700 Subject: [PATCH 7/7] Update SECURITY.md Update the security reporting guidelines to include information about Coordinated Vulnerability Disclosure (CVD) and provided links to CVD resources --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 929cbfa..8bf5399 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -1,6 +1,6 @@ ## Reporting Security Issues -Amazon Web Services (AWS) is dedicated to the responsible disclosure of security vulnerabilities. +Amazon Web Services (AWS) practices industry-standard Coodinated Vulnerability Disclosure (CVD) with the goal of reducing adversary advantage while a security vulnerability is being addressed. The [CERT® Guide to Coordinated Vulnerability Disclosure](https://certcc.github.io/CERT-Guide-to-CVD/tutorials/cvd_in_a_nutshell/) provides information about the CVD process, and outlines tools and practices that can help achieve this goal. We kindly ask that you **do not** open a public GitHub issue to report security concerns.