Merge branch 'main' into docs/readme_fix

.github/dependabot.yml

@@ -0,0 +1,19 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
+
+version: 2
+updates:
+  # Github Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+  # Python
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    labels:
+      - "dependencies"

SECURITY.md

@@ -0,0 +1,31 @@
+# Security Policy
+
+Security is very important for Vizro and its community 🔒
+
+If you believe you have found a security vulnerability, please report it to us as described below.
+
+## Supported Versions
+
+The latest version of Vizro is supported. We encourage you to update your Vizro version frequently, this way you will benefit from the latest features, bug fixes, and **security fixes**.
+
+## Reporting a Vulnerability
+
+**Please do not report security vulnerabilities through public GitHub issues to limit the potential impact on current users.**
+
+If you think you found a vulnerability, and even if you are not sure about it, please report it right away by sending an email to: [email protected]
+
+Please try to be as explicit as possible to help us better understand the nature and scope of the possible issue by providing:
+
+- Type of issue (e.g. cross-site scripting, SQL injection, etc.)
+- Impact of the issue, including how an attacker might exploit the issue
+- Step-by-step instructions to reproduce the issue
+- Example code or any special configuration to reproduce the issue
+- Location of the affected source code (e.g. branch/commit/URL)
+
+We will review it thoroughly and get back to you. If the issue is confirmed, we will release a patch as soon as possible.
+
+---
+
+Thanks for your help!
+
+The Vizro team thanks you for that 🙇

vizro-core/CHANGELOG.md

@@ -11,6 +11,24 @@ See the fragment files in the [changelog.d directory](https://github.com/mckinse
 
 <!-- scriv-insert-here -->
 
+<a id='changelog-0.1.1'></a>
+
+# 0.1.1 — 2023-09-21
+
+## Added
+
+- Enable `title` argument in `Dashboard` model, which allows a title to be added on every page on top left-side ([#31](https://github.com/mckinsey/vizro/pull/31))
+
+- Add the ability to use custom actions. Currently in beta, expect this to break at any time. ([#46](https://github.com/mckinsey/vizro/pull/46))
+
+## Changed
+
+- Provide ID to outer div to enable CSS customization of component and its sub-components ([#29](https://github.com/mckinsey/vizro/pull/29))
+
+- Disable creation of accordion navigation if only one page is provided ([#32](https://github.com/mckinsey/vizro/pull/32))
+
+- Change the structure of user-guides in documentation to group topics ([#42](https://github.com/mckinsey/vizro/pull/42)).
+
 <a id='changelog-0.1.0'></a>
 
 # 0.1.0 — 2023-09-08