LLM/moltbot
1
0
Fork 0
mirror of https://github.com/moltbot/moltbot.git synced 2026-05-13 15:47:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
moltbot/.github/CODEOWNERS
Josh Avant bd4db5ee62 Add dependency release safety evidence and PR awareness (#81325) 
* test: cover dependency pin guard

* build: add dependency vulnerability gate

* build: add dependency risk report

* build: add dependency drift reports

* build: include dependency ownership surface evidence

* build: rename dependency report commands

* build: respect release age exclusions in risk report

* build: clarify transitive risk accounting

* build: remove transitive risk exception registry

* build: clarify transitive risk signal wording

* ci: attach dependency evidence to release preflight

* ci: extract dependency release evidence generator

* build: rename ownership surface dependency report

* ci: clarify release evidence naming

* build: clarify recently published risk report

* build: reorder transitive risk report sections

* build: fix ownership surface pluralization

* ci: surface dependency changes on PRs

* ci: harden dependency change awareness

* ci: use dependency changed PR label

* build: fix dependency report lint

* docs: add dependency safety changelog
2026-05-13 03:05:09 -05:00

59 lines
3.2 KiB
Plaintext
Raw Permalink Blame History

# Protect the ownership rules themselves.
/.github/CODEOWNERS @steipete
# WARNING: GitHub CODEOWNERS uses last-match-wins semantics.
# If you add overlapping rules below the secops block, include @openclaw/openclaw-secops
# on those entries too or you can silently remove required secops review.
# Security-sensitive code, config, and docs require secops review.
/SECURITY.md @openclaw/openclaw-secops
/.github/dependabot.yml @openclaw/openclaw-secops
/.github/codeql/ @openclaw/openclaw-secops
/.github/workflows/codeql.yml @openclaw/openclaw-secops
/.github/workflows/codeql-android-critical-security.yml @openclaw/openclaw-secops
/.github/workflows/codeql-critical-quality.yml @openclaw/openclaw-secops
/.github/workflows/dependency-change-awareness.yml @openclaw/openclaw-secops
/test/scripts/dependency-change-awareness-workflow.test.ts @openclaw/openclaw-secops
/src/security/ @openclaw/openclaw-secops
/src/secrets/ @openclaw/openclaw-secops
/src/config/*secret*.ts @openclaw/openclaw-secops
/src/config/**/*secret*.ts @openclaw/openclaw-secops
/src/gateway/*auth*.ts @openclaw/openclaw-secops
/src/gateway/**/*auth*.ts @openclaw/openclaw-secops
/src/gateway/*secret*.ts @openclaw/openclaw-secops
/src/gateway/**/*secret*.ts @openclaw/openclaw-secops
/src/gateway/security-path*.ts @openclaw/openclaw-secops
/src/gateway/resolve-configured-secret-input-string*.ts @openclaw/openclaw-secops
/src/gateway/protocol/**/*secret*.ts @openclaw/openclaw-secops
/src/gateway/server-methods/secrets*.ts @openclaw/openclaw-secops
/src/agents/*auth*.ts @openclaw/openclaw-secops
/src/agents/**/*auth*.ts @openclaw/openclaw-secops
/src/agents/auth-profiles*.ts @openclaw/openclaw-secops
/src/agents/auth-health*.ts @openclaw/openclaw-secops
/src/agents/auth-profiles/ @openclaw/openclaw-secops
/src/agents/sandbox.ts @openclaw/openclaw-secops
/src/agents/sandbox-*.ts @openclaw/openclaw-secops
/src/agents/sandbox/ @openclaw/openclaw-secops
/src/infra/secret-file*.ts @openclaw/openclaw-secops
/src/cron/stagger.ts @openclaw/openclaw-secops
/src/cron/service/jobs.ts @openclaw/openclaw-secops
/docs/security/ @openclaw/openclaw-secops
/docs/gateway/authentication.md @openclaw/openclaw-secops
/docs/gateway/sandbox-vs-tool-policy-vs-elevated.md @openclaw/openclaw-secops
/docs/gateway/sandboxing.md @openclaw/openclaw-secops
/docs/gateway/secrets-plan-contract.md @openclaw/openclaw-secops
/docs/gateway/secrets.md @openclaw/openclaw-secops
/docs/gateway/security/ @openclaw/openclaw-secops
/docs/cli/approvals.md @openclaw/openclaw-secops
/docs/cli/sandbox.md @openclaw/openclaw-secops
/docs/cli/security.md @openclaw/openclaw-secops
/docs/cli/secrets.md @openclaw/openclaw-secops
/docs/reference/secretref-credential-surface.md @openclaw/openclaw-secops
/docs/reference/secretref-user-supplied-credentials-matrix.json @openclaw/openclaw-secops
# Release workflow and its supporting release-path checks.
/.github/workflows/openclaw-npm-release.yml @openclaw/openclaw-release-managers
/docs/reference/RELEASING.md @openclaw/openclaw-release-managers
/scripts/openclaw-npm-publish.sh @openclaw/openclaw-release-managers
/scripts/openclaw-npm-release-check.ts @openclaw/openclaw-release-managers
/scripts/release-check.ts @openclaw/openclaw-release-managers
Reference in New Issue View Git Blame Copy Permalink