Merge pull request #1211 from cncf/JustinCappos-assessment-update

Remove project list and clarify the assessment process
cncf · Jan 4, 2024 · b3f11f7 · b3f11f7
2 parents ac0c495 + 7e17109
commit b3f11f7
Showing 1 changed file with 5 additions and 10 deletions.
diff --git a/assessments/projects/README.md b/assessments/projects/README.md
@@ -1,19 +1,14 @@
 # Security TAG Reviews
-<!-- cSpell:ignore Buildpacks buildpacks -->
 This directory contains the artifacts of Security TAG's various assessments and
 reviews of projects. Information on the processes to by which these artifacts
 are produced can be found in the [guide](/assessments/guide).
 
-## Project reviews and assessments
+Note that the process has changed slightly over time, so please see the individual 
+project directory for information about what type of assessment was performed.  
 
-| Project | Type | dtd |
-| ------- | ---- | --- |
-| Cloud Native Buildpacks | [Joint Review](buildpacks) | 2021 September |
-| Harbor | [Joint Review](harbor) | 2020 April |
-| in-toto | [Joint Review](in-toto) | 2019 May |
-| Keycloak | [Joint Review](keycloak) | 2020  |
-| Open Policy Agent | [Joint Review](opa) | 2019 September |
-| SPIFFE/SPIRE | [Joint Review](spiffe-spire) | 2020 February |
+Note also, that some of the self-assessments were created by Security Pals, who are 
+external parties that review the project's documentation to create an assessment 
+draft.  These may not have been reviewed by the project team.
 
 ## CNCF project audits