search

openjs-foundation / security-collab-space

a repository for documenting and coordinating the foundation's security collaboration space
Apache License 2.0
23 stars 5 forks source link

Template: Minimal Vulnerability Disclosure Policy #107

Open ruddermann opened 4 months ago

ruddermann commented 4 months ago

This template is designed to be the minimum viable Vulnerability Disclosure Policy for an OpenJS Project. It meets the following criteria:

A working draft can be found here: https://docs.google.com/document/d/1yqugQ0W5w-gSmS5_repndlxlqdc8UrNLlHSeFmEdNkQ

SecurityCRob commented 3 months ago

CRob from OpenSSF Vuln Disclosures WG here. Nice work team. Added small optional suggestion, otherwise, LGTM