diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3be35bc7..e5a39bcf 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,13 +1,37 @@ version: 2 updates: - - package-ecosystem: 'npm' - directory: '/' + - package-ecosystem: "gomod" + directory: "/" schedule: - interval: 'weekly' + interval: "monthly" groups: - everything: + aws: patterns: - - '*' - update-types: - - 'minor' - - 'patch' + - "github.com/aws/*" + go.opentelemetry.io: + patterns: + - "go.opentelemetry.io/*" + golang.org-x: + patterns: + - "golang.org/x/*" + k8s.io: + patterns: + - "k8s.io/*" + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "monthly" + groups: + promci: + patterns: + - "prometheus/promci*" + codeql: + patterns: + - "github/codeql-action*" + # Exclude configs synced from upstream prometheus/prometheus. + exclude-paths: + - .github/workflows/container_description.yml + - .github/workflows/golangci-lint.yml + - .github/workflows/govulncheck.yml + - .github/workflows/scorecards.yml + - .github/workflows/stale.yml diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md new file mode 100644 index 00000000..d325872b --- /dev/null +++ b/CODE_OF_CONDUCT.md @@ -0,0 +1,3 @@ +# Prometheus Community Code of Conduct + +Prometheus follows the [CNCF Code of Conduct](https://github.com/cncf/foundation/blob/main/code-of-conduct.md). diff --git a/LICENSE b/LICENSE index cfe7d6de..261eeb9e 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ - Apache License + Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ @@ -178,7 +178,7 @@ APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" + boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2015 Simon Nyberg + Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..5e6f976d --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,6 @@ +# Reporting a security issue + +The Prometheus security policy, including how to report vulnerabilities, can be +found here: + +[https://prometheus.io/docs/operating/security/](https://prometheus.io/docs/operating/security/)