Dexus / pem

Create private keys and certificates with node.js
Other
570 stars 129 forks source link

Create a Security Policy #374

Closed achesin closed 11 months ago

achesin commented 11 months ago

Hi team, I've noticed that there is not a security policy for this project. GitHub recommends that projects have a Security Policy (SECURITY.md). This is a simple document that explains how the project wishes to receive and handle responsible disclosure of potential vulnerabilities, hopefully reducing public exposures.

There are a few ways to receive such disclosures:

If you're interested in GitHub's feature, it must be activated for the repository by:

  1. Open the repo's settings
  2. Click on Code security & analysis
  3. Click "Enable" for "Private vulnerability reporting (Beta)"

If you activate that, I can send a PR suggesting a Security Policy markdown file afterwards. Thanks!

Dexus commented 11 months ago

It's now enabled. Thanks