phated
commented
3 years ago @sttk don't merge things automatically. This isn't necessary because we have organization security notice.
Closed sttk closed 3 years ago
phated
commented
3 years ago @sttk don't merge things automatically. This isn't necessary because we have organization security notice.
sttk
commented
3 years ago @phated Sorry for merging automatically. :bow:
About security.md, this file is requested by Tidelift as a task.
phated
commented
3 years ago @sttk No, it is a bug in tidelift, Tidelift reads the global security policy at https://github.com/gulpjs/.github/blob/master/SECURITY.md - if they have a bug, you need to report it to them, not push into gulp repos.
sttk
commented
3 years ago @phated I entered the above URL as security policy page for Tidelift, and it succeeded. This pr was my mistake. Is it better to change security policy pages of other packages to the above?
phated
commented
3 years ago Yes, all should use the global policy
sttk
commented
3 years ago OK, I'll do that. Thanks.
This PR is to complete a Tidelift task.