vigna / fastutil

fastutil extends the Java™ Collections Framework by providing type-specific maps, sets, lists and queues.
Apache License 2.0

Create Security Policy #305

Closed joycebrum closed 7 months ago

joycebrum commented 10 months ago

Closes #304

I've created the SECURITY.md file considering the new GitHub feature, reporting a vulnerability through a security advisory.

If you want to use this feature, it must be activated for the repository:

  1. Open the repo's settings
  2. Click on Code security & analysis
  3. Click "Enable" for "Private vulnerability reporting (Beta)"

If you would rather not enable it, there is also the possibility of receiving the vulnerability report through email. In this case, just let me know what the email would be and I'll submit the change.

Besides that, feel free to edit or suggest any changes to this document. It is supposed to reflect the amount of effort the team can offer to handle vulnerabilities.

joycebrum commented 8 months ago

Hey! This issue/PR has been idle for quite some time. Do you plan on considering these changes? Is there anything I can do to help with addressing it?

I plan on waiting up to 2 more months before closing the PR, but let me know if you would rather keep it open.

Thanks!

vigna commented 7 months ago

I'm sorry, but fastutil is kinda in maintenance mode and I don't think this is necessary at this point.

joycebrum commented 7 months ago

Sure, no problem. Thanks for the return!