diff --git a/.github/dependabot.yml b/.github/dependabot.yml index ac6621f19..3a3cce576 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,7 +5,7 @@ version: 2 updates: - - package-ecosystem: "" # See documentation for possible values + - package-ecosystem: "npm" # See documentation for possible values directory: "/" # Location of package manifests schedule: interval: "weekly" diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..1bc7c06e8 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,27 @@ +# Security Policy + +As a U.S. Government agency, the General Services Administration (GSA) takes +seriously our responsibility to protect the public's information, including +financial and personal information, from unwarranted disclosure. + +Software developed by the U.S. General Services Administration (GSA) +is subject to the [GSA Vulnerability Disclosure Policy ](gsa.gov/vulnerability-disclosure-policy). + +Please consult our policy for: +* How to submit a report if you believe you have discovered a vulnerability. +* GSA's coordinated disclosure policy. +* Information on how you may conduct security research on GSA developed + software and systems. +* Important legal and policy guidelines. + +## Supported Versions + +Please note that only certain branches are supported with security updates. + +| Version (Branch) | Supported | +| ---------------- | ------------------ | +| main | :white_check_mark: | +| other | :x: | + +When using this code or reporting vulnerabilities please only use supported +versions. diff --git a/pages/_includes/google-analytics.html b/pages/_includes/google-analytics.html index 315785aa8..83328787a 100644 --- a/pages/_includes/google-analytics.html +++ b/pages/_includes/google-analytics.html @@ -1,8 +1,11 @@ - - + +