Hi team, I've noticed that there is not a security policy for this project. GitHub recommends that projects have a Security Policy (SECURITY.md). This is a simple document that explains how the project wishes to receive and handle responsible disclosure of potential vulnerabilities, hopefully reducing public exposures.
There are a few ways to receive such disclosures:
have an email or website available to receive such reports; and/or
Hi team, I've noticed that there is not a security policy for this project. GitHub recommends that projects have a Security Policy (SECURITY.md). This is a simple document that explains how the project wishes to receive and handle responsible disclosure of potential vulnerabilities, hopefully reducing public exposures.
There are a few ways to receive such disclosures:
If you're interested in GitHub's feature, it must be activated for the repository by:
If you activate that, I can send a PR suggesting a Security Policy markdown file afterwards. Thanks!