search

MikeMcl / decimal.js

An arbitrary-precision Decimal type for JavaScript
http://mikemcl.github.io/decimal.js
MIT License
6.35k stars 480 forks source link

Create Security Policy #227

Open joycebrum opened 1 year ago

joycebrum commented 1 year ago

Closes #226

I created the SECURITY.md file considering GitHub's new feature, report vulnerability through security advisory.

If you want to use this GitHub feature, you must first activate it for the repository:

  1. Access the "Code security & analysis" settings by the following link https://github.com/MikeMcl/decimal.js/settings/security_analysis.
  2. Click Enable for Private vulnerability reporting (Beta).

If you don't want to enable it, you can also receive the vulnerability report by email. In that case, just let me know what email address to use, and I'll submit the change.

Feel free to edit or suggest any changes to this document. It should reflect the amount of effort you can offer to handle vulnerabilities.

joycebrum commented 10 months ago

Hey! This PR has been idle for quite some time. Do you plan on considering these changes? Is there anything I can do to help ona addressing it?

I plan on waiting up to 2 more months before closing the PR, but let me know if you rather keep it open.

Thanks!