Skip to content

Refactor security policy documentation so that they appear in the Security policy tab of GitHub #9905

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
TravisEz13 merged 9 commits into from
Jul 16, 2019
Merged

Refactor security policy documentation so that they appear in the Security policy tab of GitHub #9905

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
93b4206
Refactor security guidelines documentation into .github/SECURITY.md f…
bergmeister Jun 15, 2019
c71d95f
update link in github issue template as well
bergmeister Jun 15, 2019
b530c20
Merge branch 'master' into UseGitHubSecurityTemplate
bergmeister Jul 2, 2019
9e05cf2
try fix markdown test
bergmeister Jul 2, 2019
0d99b45
Add logging to markdown failures as error message is truncated.
bergmeister Jul 5, 2019
6464952
fix markdown warning (top level needed) to fix build
bergmeister Jul 5, 2019
bb779d4
Merge branch 'master' of https://github.com/PowerShell/PowerShell int…
bergmeister Jul 5, 2019
b29ad3e
Merge branch 'master' of https://github.com/PowerShell/PowerShell int…
bergmeister Jul 16, 2019
163f790
Update docs/maintainers/issue-management.md
bergmeister Jul 16, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -382,7 +382,7 @@ Once you sign a CLA, all your existing and future pull requests will have the st
[testing-guidelines]: ../docs/testing-guidelines/testing-guidelines.md
[running-tests-outside-of-ci]: ../docs/testing-guidelines/testing-guidelines.md#running-tests-outside-of-ci
[issue-management]: ../docs/maintainers/issue-management.md
[vuln-reporting]: ../docs/maintainers/issue-management.md#Security-Vulnerabilities
[vuln-reporting]: ./SECURITY.md
[governance]: ../docs/community/governance.md
[using-prs]: https://help.github.com/articles/using-pull-requests/
[fork-a-repo]: https://help.github.com/articles/fork-a-repo/
Expand Down
8 changes: 4 additions & 4 deletions .github/ISSUE_TEMPLATE/Security_Issue_Report.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@ assignees: 'TravisEz13'

# Security Issue

Excerpt from [Issue Management - Security Vulnerabilities](https://github.com/PowerShell/PowerShell/blob/master/docs/maintainers/issue-management.md#security-vulnerabilities)
Excerpt from [Issue Management - Security Vulnerabilities](https://github.com/PowerShell/PowerShell/blob/master/.github/SECURITY.md)

> If you believe that there is a security vulnerability in PowerShell Core,
> If you believe that there is a security vulnerability in PowerShell,
it **must** be reported to [secure@microsoft.com](https://technet.microsoft.com/security/ff852094.aspx)
to allow for [Coordinated Vulnerability Disclosure](https://technet.microsoft.com/security/dn467923).
**Only** file an issue, if secure@microsoft.com has confirmed filing an issue is appropriate.

When you have permission from secure@microsoft.com to file an issue here,
please use the Bug Report template and state in the description that you are reporting the issue in coordination with secure@microsoft.com.
When you have permission from [secure@microsoft.com](https://technet.microsoft.com/security/ff852094.aspx) to file an issue here,
please use the Bug Report template and state in the description that you are reporting the issue in coordination with [secure@microsoft.com](https://technet.microsoft.com/security/ff852094.aspx).
5 changes: 5 additions & 0 deletions .github/SECURITY.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
# Security Vulnerabilities

If you believe that there is a security vulnerability in PowerShell,
it **must** be reported to [secure@microsoft.com](https://technet.microsoft.com/security/ff852094.aspx) to allow for [Coordinated Vulnerability Disclosure](https://technet.microsoft.com/security/dn467923).
**Only** file an issue, if [secure@microsoft.com](https://www.microsoft.com/en-us/msrc/faqs-report-an-issue?rtc=1) has confirmed filing an issue is appropriate.
5 changes: 2 additions & 3 deletions docs/maintainers/issue-management.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,8 @@

## Security Vulnerabilities

If you believe that there is a security vulnerability in PowerShell Core,
it **must** be reported to [secure@microsoft.com](https://technet.microsoft.com/security/ff852094.aspx) to allow for [Coordinated Vulnerability Disclosure](https://technet.microsoft.com/security/dn467923).
**Only** file an issue, if [secure@microsoft.com](https://www.microsoft.com/en-us/msrc/faqs-report-an-issue?rtc=1) has confirmed filing an issue is appropriate.
If you believe that there is a security vulnerability in PowerShell,
first follow the [vulnerability issue reporting policy](../../.github/SECURITY.md) before submitting an issue.

## Long-living issue labels

Expand Down