Having a well-defined way how to deal with security issues in dependencies and the project itself is an important quality factor. This is why we should require that for incubation stage 2. This includes setting up automatic checks for vulnerabilities in dependencies as well as documenting a policy for reporting security issues in a SECURITY.md file.
Having a well-defined way how to deal with security issues in dependencies and the project itself is an important quality factor. This is why we should require that for incubation stage 2. This includes setting up automatic checks for vulnerabilities in dependencies as well as documenting a policy for reporting security issues in a SECURITY.md file.