From 8c389b5592383bbb02e7055d21d8fa9109b8b6de Mon Sep 17 00:00:00 2001 From: Faseela K Date: Fri, 12 Jun 2026 16:32:17 +0200 Subject: [PATCH] clarify security self-assessment location in DD guide and graduation template Signed-off-by: Faseela K --- operations/dd-toc-guide.md | 2 +- operations/toc-templates/template-dd-pr-graduation.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/operations/dd-toc-guide.md b/operations/dd-toc-guide.md index 269411e4a..c53905466 100644 --- a/operations/dd-toc-guide.md +++ b/operations/dd-toc-guide.md @@ -97,7 +97,7 @@ This light-weight triage/evaluation must cover the list below (it is not exhaust * link to security.md, scan for a process to report issues * link to (scorecard: scan for branch protection, token permissions, SAST, and CI best practices in results) or link to other evidence of repo hardening * link to security report resolution process and roles - * link to completed or PR filed self-assessment + * link to completed self-assessment in `cncf/toc` under `projects//security-assessment/self-assessment.md` * link to best practices badge, confirm it is "passing" and 100% complete * Ecosystem * link to adopters file diff --git a/operations/toc-templates/template-dd-pr-graduation.md b/operations/toc-templates/template-dd-pr-graduation.md index a21503bf6..6ac9ea638 100644 --- a/operations/toc-templates/template-dd-pr-graduation.md +++ b/operations/toc-templates/template-dd-pr-graduation.md @@ -235,7 +235,7 @@ Note: this section may be augmented by a joint-assessment performed by TAG Secur -- [ ] **Document Security Self-Assessment.** +- [ ] **Document Security Self-Assessment.** The completed self-assessment must be available in `cncf/toc` under `projects//security-assessment/self-assessment.md`.