Skip to content

chore(docs): migrate WASMEdge and Kyverno security assessments #1835

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Sep 3, 2025
Merged

chore(docs): migrate WASMEdge and Kyverno security assessments #1835

merged 9 commits into from
Sep 3, 2025
+280 −175

Conversation

brandtkeller
Copy link
Member

@brandtkeller brandtkeller commented Aug 20, 2025
edited
Loading

Description

This is a direct migration of the WASMEdge updates to the self-assessment and creation of the joint-assessment as reflected in cncf/tag-security#1477 .

This also migrates the Kyverno self assessment updates from cncf/tag-security#1486 .

Relates to #1702

@brandtkeller brandtkeller requested a review from a team as a code owner August 20, 2025 18:14
@brandtkeller brandtkeller changed the title chore(docs): migrate wasmedge security assessments chore(docs): migrate WASMEdge and Kyverno security assessments Aug 20, 2025
JustinCappos
JustinCappos approved these changes Aug 21, 2025
View reviewed changes
Copy link
Contributor

@JustinCappos JustinCappos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for moving these over.

@realshuting
Copy link
Contributor

Thanks @brandtkeller for consolidating these!

@JustinCappos JustinCappos mentioned this pull request Aug 21, 2025
Open
@mnm678
Copy link
Contributor

mnm678 commented Sep 3, 2025

Can we get a review for this from @cncf/cncf-toc

@jkjell jkjell mentioned this pull request Sep 3, 2025
Open
kfaseela
kfaseela reviewed Sep 3, 2025
View reviewed changes
projects/wasmedge/security-assessment/joint-assessment.md Outdated

### Additional recommendations

* Consider implementing Uptane or TUF for secure updates of core functionality on edge devices
Copy link
Contributor

@kfaseela kfaseela Sep 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendations and “Additional recommendations” here both mention Uptane/TUF and attestations → consolidate/clarify to avoid duplication.

kfaseela
kfaseela reviewed Sep 3, 2025
View reviewed changes
JustinCappos
JustinCappos reviewed Sep 3, 2025
View reviewed changes
JustinCappos
JustinCappos reviewed Sep 3, 2025
View reviewed changes
JustinCappos
JustinCappos reviewed Sep 3, 2025
View reviewed changes
JustinCappos
JustinCappos reviewed Sep 3, 2025
View reviewed changes
JustinCappos
JustinCappos approved these changes Sep 3, 2025
View reviewed changes
Copy link
Contributor

@JustinCappos JustinCappos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've fixed @kfaseela 's comments. I think this is ready to merge.

@JustinCappos JustinCappos merged commit 63fc5cd into cncf:main Sep 3, 2025
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JustinCappos JustinCappos JustinCappos approved these changes

@kfaseela kfaseela kfaseela approved these changes

@mnm678 mnm678 mnm678 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@brandtkeller @realshuting @mnm678 @JustinCappos @kfaseela