Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SECURITY.md file #3201

Merged
merged 1 commit into from
Aug 24, 2023
Merged

Add SECURITY.md file #3201

merged 1 commit into from
Aug 24, 2023

Conversation

david-a-wheeler
Copy link
Contributor

The policy for reporting security vulnerabilities is already clearly stated, but some reporters may only look for it in a "SECURITY.md" file.

This commit adds a SECURITY.md file, with the same contents as the README file about reporting vulnerabilities. That way, when someone is trying to report a vulnerability while in a panic, we'll increase the odds that they find that information :-).

Summary

Release Note

Documentation

@david-a-wheeler
Add SECURITY.md file
cdb8caf 
The policy for reporting security vulnerabilities is already
clearly stated, but some reporters may only look for it in a
"SECURITY.md" file.

This commit adds a SECURITY.md file, with the same contents
as the README file about reporting vulnerabilities.
That way, when someone is trying to report a vulnerability while
in a panic, we'll increase the odds that they find that information :-).

Signed-off-by: David A. Wheeler <[email protected]>
@haydentherapper haydentherapper enabled auto-merge (squash) August 24, 2023 02:59
@codecov
Copy link

codecov bot commented Aug 24, 2023

Codecov Report

Merging #3201 (cdb8caf) into main (1e9bac4) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #3201   +/-   ##
=======================================
  Coverage   30.42%   30.42%           
=======================================
  Files         155      155           
  Lines        9798     9798           
=======================================
  Hits         2981     2981           
  Misses       6369     6369           
  Partials      448      448

@haydentherapper haydentherapper merged commit d557f47 into sigstore:main Aug 24, 2023
28 checks passed
@github-actions github-actions bot added this to the v2.2.0 milestone Aug 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@haydentherapper haydentherapper haydentherapper approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v2.2.0
Development

Successfully merging this pull request may close these issues.
2 participants
@david-a-wheeler @haydentherapper