policies[0].name=mypolicy,policies[0].statements[0].resources[0]='arn:aws:s3:::bucket1',policies[0].statements[0].actions[0]='s3:ListBucket',policies[0].statements[0].actions[1]='s3:GetObject' minio/minio ``` Description of the configuration parameters used above - - `policies[].name` - name of the policy to create, must be a string with length > 0 - `policies[].statements[]` - list of statements, includes actions and resources - `policies[].statements[].resources[]` - list of resources that applies the statement...

# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
updates:
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
    labels:
      - "@dev-productivity"
      - "a:chore"

# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.

_extends: maven-gh-actions-shared:.github/release-drafter.yml
tag-template: maven-$RESOLVED_VERSION

# Override replacers to strip backport branch prefixes and handle JIRA links
replacers:

# under the License.
   
name: Release Drafter
on:
  push:
    branches:
      - master
  workflow_dispatch:

jobs:
   update_release_draft:

policies[0].name=mypolicy,policies[0].statements[0].resources[0]='arn:aws:s3:::bucket1',policies[0].statements[0].actions[0]='s3:ListBucket',policies[0].statements[0].actions[1]='s3:GetObject' minio/minio ``` Description of the configuration parameters used above - - `policies[].name` - name of the policy to create, must be a string with length > 0 - `policies[].statements[]` - list of statements, includes actions and resources - `policies[].statements[].resources[]` - list of resources that applies the statement...

        return
    commits = list(use_pr.get_commits())
    current_commit = [c for c in commits if c.sha == settings.commit_sha][0]
    run_url = f"https://github.com/{settings.github_repository}/actions/runs/{settings.run_id}"
    if settings.state == "pending":
        current_commit.create_status(
            state="pending",
            description="Deploying Docs",
            context="deploy-docs",

			Resources: set.CreateStringSet(policy.NewResource(bucketName).String()),
			Actions:   set.CreateStringSet("s3:GetBucketLocation", "s3:ListBucket"),
		},
		{
			Effect:    string(policy.Allow),
			Principal: miniogopolicy.User{AWS: set.CreateStringSet("*")},
			Resources: set.CreateStringSet(policy.NewResource(bucketName + "/" + prefix).String()),
			Actions:   set.CreateStringSet("s3:GetObject"),
		},
	}
}

process of investigating, assessing and resolving a vulnerability report
opened by a MinIO employee or an external third party.

Therefore, it lists pre-conditions and actions that should be performed to
resolve and fix a reported vulnerability.

## Vulnerability Management Process

The vulnerability management process requires that the vulnerability report
contains the following information:

- tiangolo
- codecov
- github-actions
- pre-commit-ci

---
version: 2
updates:
  - package-ecosystem: gomod
    directory: /
    schedule:
      interval: weekly
  - package-ecosystem: github-actions
    directory: /
    schedule:
      interval: weekly
  - package-ecosystem: gomod
    directory: /tests
    schedule: