Skip to content

Add OpenSSF Baseline compliance files #193

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mlieberman85 wants to merge 0 commits into from
Closed

Add OpenSSF Baseline compliance files #193

mlieberman85 wants to merge 0 commits into from

Conversation

@mlieberman85
Copy link

@mlieberman85 mlieberman85 commented Feb 4, 2026

Summary

This PR adds files and configurations required for OpenSSF Baseline compliance.

Changes

  • CODEOWNERS - Defines code ownership for @mlieberman85, @pxp928, @funnelfiasco
  • MAINTAINERS.md - Documents project maintainer roles and responsibilities
  • GOVERNANCE.md - Establishes project governance model
  • SUPPORT.md - Provides support channels and resources
  • Bug report template - Standardized issue template for bug reports
  • SECURITY.md - Updated with VEX policy section
  • dependabot.yml - Updated dependency scanning configuration
  • DCO enforcement - Developer Certificate of Origin configuration

Controls Addressed

Control Description
OSPS-GV-01.01 Governance documentation
OSPS-GV-01.02 Maintainer documentation
OSPS-GV-04.01 Code ownership
OSPS-DO-02.01 Issue templates
OSPS-DO-03.01 Support documentation
OSPS-VM-04.02 VEX policy
OSPS-VM-05.01/02/03 Dependency scanning

Test Plan

  • Verify CODEOWNERS triggers correct reviewers
  • Verify issue template appears when creating bugs
  • Re-run OpenSSF Baseline audit to confirm compliance

🤖 Generated with Claude Code

@mlieberman85 mlieberman85 force-pushed the fix/openssf-baseline-compliance branch from 01a3fe4 to 401d2b1 Compare February 5, 2026 01:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mlieberman85