Create a Security Policy #5723
Description
Hi, I'm from the Google Open Source Security Team and I'd like to suggest creating a Security Policy for the repository.
A Security Policy is a GitHub standard document (SECURITY.md) that can be found in the "Security Tab" to instruct users how to report vulnerabilities in a safe and efficient way.
It is a Scorecard Recommendation (being a security measure of medium priority) and a GitHub Recommendation.
Together with this issue I'll submit one suggestion of Security Policy; feel free to edit it directly or ask me for edits until it is in compliance with how you would best handle vulnerability reports.
Live Demo
It would appear in the Security Dashboard and in the About section: