This commit introduces a SECURITY.md file to guide the responsible disclosure and handling of vulnerabilities in mLoRA.
Key highlights:
Users are encouraged to report issues such as data poisoning, pipeline parallelism security risks, and container vulnerabilities.
Clear instructions are provided for reporting vulnerabilities via email or confidential GitHub issues.
Areas of concern include Docker security, API misuse, and credential management.
Guidelines are established for investigating and patching reported vulnerabilities.
The policy aims to improve the security posture of the project and provide contributors and users with a responsible process for addressing security risks.
This commit introduces a SECURITY.md file to guide the responsible disclosure and handling of vulnerabilities in mLoRA.
Key highlights:
The policy aims to improve the security posture of the project and provide contributors and users with a responsible process for addressing security risks.