As described in the issue, this PR adds a security policy for the project to let people know how to responsibly report any vulnerabilities they might find.
Currently the policy suggests either an email or using GH's private reporting feature. I couldn't find an appropriate email, so I've left a placeholder for now.
The policy also has a 90-day timeline to remediate any vulnerabilities, which is pretty common.
If you want to make any changes (to the email/website or just use the private report or change the timeline, for example), let me know and I'll happily change the PR.
Fixes #268.