
Conversation

@cjdcordeiro
Collaborator

  • Have you signed the CLA?

Add a security policy (SECURITY.md file) to the repo.

@cjdcordeiro cjdcordeiro added the Simple Nice for a quick look on a minute or two label Jan 7, 2025
@zhijie-yang
Contributor

This is a simple security.md yet provides enough information for users to submit vulnerability findings. I'm just wondering if we should adopt a similar structure as the one in the multipass repo.

Even though we want to keep it simple, I would suggest adding the title "Security Policy" and the header "Reporting a Vulnerability" before the proposed contents.

@cjdcordeiro
Collaborator Author

> This is a simple security.md yet provides enough information for users to submit vulnerability findings. I'm just wondering if we should adopt a similar structure as the one in the multipass repo.
>
> Even though we want to keep it simple, I would suggest adding the title "Security Policy" and the header "Reporting a Vulnerability" before the proposed contents.

This is actually the template that is being mandated by Security and already adopted by many repos.

As for the Title and subtitle, they feel a bit redundant in the absence of other sections but I don't mind adding them (done).

Contributor

@zhijie-yang zhijie-yang left a comment

Thanks! This looks nice to me.

Collaborator

@letFunny letFunny left a comment

Thanks for this!

@cjdcordeiro cjdcordeiro merged commit 03f5597 into canonical:main Jan 9, 2025
14 of 15 checks passed
@cjdcordeiro cjdcordeiro deleted the ROCKS-1500/security-policy branch January 9, 2025 11:09

3 participants