Skip to content

Revise Security and Threat Disclosure page #6472

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Oct 28, 2025
Merged

Revise Security and Threat Disclosure page #6472

merged 5 commits into from
Oct 28, 2025

Conversation

@skmahe1077
Copy link
Contributor

@skmahe1077 skmahe1077 commented Oct 26, 2025

Fixes #6308
This PR updates the Security and Threat Disclosure page for clarity and consistency across the Knative Docs site, based on the recommendations in issue #6308

@netlify
Copy link

netlify bot commented Oct 26, 2025
edited
Loading

Deploy Preview for knative ready!

Built without sensitive environment variables

Name Link
🔨 Latest commit 6b38419
🔍 Latest deploy log https://app.netlify.com/projects/knative/deploys/690128035e3fb200089f559f
😎 Deploy Preview https://deploy-preview-6472--knative.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@knative-prow knative-prow bot requested review from Cali0707 and skonto October 26, 2025 23:08
@knative-prow knative-prow bot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Oct 26, 2025
@Cali0707
Copy link
Member

Cali0707 commented Oct 27, 2025

/assign @evankanderson

evankanderson
evankanderson reviewed Oct 28, 2025
View reviewed changes
Copy link
Member

@evankanderson evankanderson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for doing this! A few comments, since things moved between when the issue was filed and when you took it on.

docs/versioned/reference/security/README.md Outdated
# Knative Security and Disclosure Information

This page describes Knative security and disclosure information.
This page describes how to validate code and report security vulnerabilities in Knative.For a complete description of the Knative threat model, see the following resource:
Copy link
Member

@evankanderson evankanderson Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This page describes how to validate code and report security vulnerabilities in Knative.For a complete description of the Knative threat model, see the following resource:
This page describes how to validate code and report security vulnerabilities in Knative. For a complete description of the Knative threat model, see the following resource:

Copy link
Contributor Author

@skmahe1077 skmahe1077 Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This one also corrected as per your suggestion

docs/versioned/reference/security/verifying-cli.md Outdated
about the provenance of those binaries.

## Code Signature Verification
## Verifying a Code Signature
Copy link
Member

@evankanderson evankanderson Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think "binary signature" would make more sense here:

Suggested change
## Verifying a Code Signature
## Verifying a Binary Signature

Copy link
Contributor Author

@skmahe1077 skmahe1077 Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Modified code to Binary

@knative-prow knative-prow bot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels Oct 28, 2025
@knative-prow knative-prow bot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Oct 28, 2025
@evankanderson
Copy link
Member

evankanderson commented Oct 28, 2025

/lgtm
/approve

@knative-prow
Copy link

knative-prow bot commented Oct 28, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: evankanderson, skmahe1077

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@knative-prow knative-prow bot merged commit f4022d6 into knative:main Oct 28, 2025
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@evankanderson evankanderson evankanderson approved these changes

@Cali0707 Cali0707 Awaiting requested review from Cali0707

@skonto skonto Awaiting requested review from skonto

Assignees

@evankanderson evankanderson

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Revise the Security and threat disclosure page

3 participants

@skmahe1077 @Cali0707 @evankanderson