Merge pull request #137 from stacklok/cleanup-openssf-baseline

Apply suggestions from #136
mindersec · Aug 6, 2024 · 4921000 · 4921000
2 parents 25d0a0f + 75f9af8
commit 4921000
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 1 deletion.
diff --git a/profiles/github/openssf_security_baseline.yaml b/profiles/github/openssf_security_baseline.yaml
@@ -46,7 +46,7 @@ repository:
   # Check for an dependency policy entry in the security insights file.
   - type: security_insights_dep_policy
     name: security_insights_dep_policy
-    displayName: "Check for a dependency polcicy in the Security Insights file."
+    displayName: "Check for a dependency policy in the Security Insights file."
     def:
       filename: SECURITY-INSIGHTS.yml
 

diff --git a/rule-types/github/security_policy.yaml b/rule-types/github/security_policy.yaml
@@ -8,6 +8,9 @@ context:
 description: Raise an alert if a repository is missing a security policy file.
 guidance: |
   Ensure that a repository has a security policy file
+
+  For more details on security policies on GitHub, see
+  https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository
 def:
   in_entity: repository
   rule_schema: