# Security Policy ## Supported Versions Use this section to tell pe… #105

Open
wants to merge 6 commits into
base: master


@tonirmv tonirmv commented Dec 9, 2020

…ople about which versions of your project are currently being supported with security updates. | Version | Supported | | ------- | ------------------ | | 5.1.x | ✅ | | 5.0.x | ❌ | | 4.0.x | ✅ | | < 4.0 | ❌ | ## Reporting a Vulnerability Use this section to tell people how to report a vulnerability. Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.

ci

friederbluemle and others added 6 commits April 10, 2020 12:06
…le about which versions of your project are currently being supported with security updates. | Version | Supported | | ------- | ------------------ | | 5.1.x | ✅ | | 5.0.x | ❌ | | 4.0.x | ✅ | | < 4.0 | ❌ | ## Reporting a Vulnerability Use this section to tell people how to report a vulnerability. Tell them where to go, how often they can expect to get an update on a reported vulnerability, what to expect if the vulnerability is accepted or declined, etc.

![ci](https://github.com/Chainfire/libsuperuser/workflows/ci/badge.svg?branch=master)

tonirmv commented Dec 9, 2020


title: GitHub Community Guidelines
redirect_from:
  • /community-guidelines/
  • /articles/github-community-guidelines
versions:
  free-pro-team: '*'

Millions of developers host millions of projects on GitHub — both open and closed source — and we're honored to play a part in enabling collaboration across the community every day. Together, we all have an exciting opportunity and responsibility to make this a community we can be proud of.

GitHub users worldwide bring wildly different perspectives, ideas, and experiences, and range from people who created their first "Hello World" project last week to the most well-known software developers in the world. We are committed to making GitHub a welcoming environment for all the different voices and perspectives in our community, while maintaining a space where people are free to express themselves.

We rely on our community members to communicate expectations, moderate their projects, and {% data variables.contact.report_abuse %} or {% data variables.contact.report_content %}. By outlining what we expect to see within our community, we hope to help you understand how best to collaborate on GitHub, and what type of actions or content may violate our Terms of Service, which include our Acceptable Use Policies. We will investigate any abuse reports and may moderate public content on our site that we determine to be in violation of our Terms of Service.

Building a strong community

The primary purpose of the GitHub community is to collaborate on software projects.
We want people to work better together. Although we maintain the site, this is a community we build together, and we need your help to make it the best it can be.

  • Be welcoming and open-minded - Other collaborators may not have the same experience level or background as you, but that doesn't mean they don't have good ideas to contribute. We encourage you to be welcoming to new collaborators and those just getting started.

  • Respect each other. Nothing sabotages healthy conversation like rudeness. Be civil and professional, and don’t post anything that a reasonable person would consider offensive, abusive, or hate speech. Don’t harass or grief anyone. Treat each other with dignity and consideration in all interactions.

    You may wish to respond to something by disagreeing with it. That’s fine. But remember to criticize ideas, not people. Avoid name-calling, ad hominem attacks, responding to a post’s tone instead of its actual content, and knee-jerk contradiction. Instead, provide reasoned counter-arguments that improve the conversation.

  • Communicate with empathy - Disagreements or differences of opinion are a fact of life. Being part of a community means interacting with people from a variety of backgrounds and perspectives, many of which may not be your own. If you disagree with someone, try to understand and share their feelings before you address them. This will promote a respectful and friendly atmosphere where people feel comfortable asking questions, participating in discussions, and making contributions.

  • Be clear and stay on topic - People use GitHub to get work done and to be more productive. Off-topic comments are a distraction (sometimes welcome, but usually not) from getting work done and being productive. Staying on topic helps produce positive and productive discussions.

    Additionally, communicating with strangers on the Internet can be awkward. It's hard to convey or read tone, and sarcasm is frequently misunderstood. Try to use clear language, and think about how it will be received by the other person.

What if something or someone offends you?

We rely on the community to let us know when an issue needs to be addressed. We do not actively monitor the site for offensive content. If you run into something or someone on the site that you find objectionable, here are some tools GitHub provides to help you take action immediately:

Of course, you can always contact us to {% data variables.contact.report_abuse %} if you need more help dealing with a situation.

What is not allowed?

We are committed to maintaining a community where users are free to express themselves and challenge one another's ideas, both technical and otherwise. Such discussions, however, are unlikely to foster fruitful dialog when ideas are silenced because community members are being shouted down or are afraid to speak up. That means you should be respectful and civil at all times, and refrain from attacking others on the basis of who they are. We do not tolerate behavior that crosses the line into the following:

  • Threats of violence

    You may not threaten violence towards others or use the site to organize, promote, or incite acts of real-world violence or terrorism. Think carefully about the words you use, the images you post, and even the software you write, and how they may be interpreted by others. Even if you mean something as a joke, it might not be received that way. If you think that someone else might interpret the content you post as a threat, or as promoting violence or terrorism, stop. Don't post it on GitHub. In extraordinary cases, we may report threats of violence to law enforcement if we think there may be a genuine risk of physical harm or a threat to public safety.

  • Hate speech and discrimination

    While it is not forbidden to broach topics such as age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation, we do not tolerate speech that attacks a person or group of people on the basis of who they are. Just realize that when approached in an aggressive or insulting manner, these (and other) sensitive topics can make others feel unwelcome, or perhaps even unsafe. While there's always the potential for misunderstandings, we expect our community members to remain respectful and civil when discussing sensitive topics.

  • Bullying and harassment

    We do not tolerate bullying or harassment. This means any habitual badgering or intimidation targeted at a specific person or group of people. In general, if your actions are unwanted and you continue to engage in them, there's a good chance you are headed into bullying or harassment territory.

  • Disrupting the experience of other users

    Being part of a community includes recognizing how your behavior affects others and engaging in meaningful and productive interactions with people and the platform they rely on. Behaviors such as repeatedly posting off-topic comments, opening empty or meaningless issues or pull requests, or using any other platform feature in a way that continually disrupts the experience of other users are not allowed. While we encourage maintainers to moderate their own projects on an individual basis, GitHub staff may take further restrictive action against accounts that are engaging in these types of behaviors.

  • Impersonation

    You may not seek to mislead others as to your identity by copying another person's avatar, posting content under their email address, using a similar username or otherwise posing as someone else. Impersonation is a form of harassment.

  • Doxxing and invasion of privacy

    Don't post other people's personal information, such as personal, private email addresses, phone numbers, physical addresses, credit card numbers, Social Security/National Identity numbers, or passwords. Depending on the context, such as in the case of intimidation or harassment, we may consider other information, such as photos or videos that were taken or distributed without the subject's consent, to be an invasion of privacy, especially when such material presents a safety risk to the subject.

  • Sexually obscene content

    Don’t post content that is pornographic. This does not mean that all nudity, or all code and content related to sexuality, is prohibited. We recognize that sexuality is a part of life and non-pornographic sexual content may be a part of your project, or may be presented for educational or artistic purposes. We do not allow obscene sexual content or content that may involve the exploitation or sexualization of minors.

  • Gratuitously violent content

    Don’t post violent images, text, or other content without reasonable context or warnings. While it's often okay to include violent content in video games, news reports, and descriptions of historical events, we do not allow violent content that is posted indiscriminately, or that is posted in a way that makes it difficult for other users to avoid (such as a profile avatar or an issue comment). A clear warning or disclaimer in other contexts helps users make an educated decision as to whether or not they want to engage with such content.

  • Misinformation and disinformation

    You may not post content that presents a distorted view of reality, whether it is inaccurate or false (misinformation) or is intentionally deceptive (disinformation) where such content is likely to result in harm to the public or to interfere with fair and equal opportunities for all to participate in public life. For example, we do not allow content that may put the well-being of groups of people at risk or limit their ability to take part in a free and open society. We encourage active participation in the expression of ideas, perspectives, and experiences and may not be in a position to dispute personal accounts or observations. We generally allow parody and satire that is in line with our Acceptable Use Policies, and we consider context to be important in how information is received and understood; therefore, it may be appropriate to clarify your intentions via disclaimers or other means, as well as the source(s) of your information.

  • Active malware or exploits

    Being part of a community includes not taking advantage of other members of the community. We do not allow anyone to use our platform for exploit delivery, such as using GitHub as a means to deliver malicious executables, or as attack infrastructure, for example by organizing denial of service attacks or managing command and control servers. Note, however, that we do not prohibit the posting of source code which could be used to develop malware or exploits, as the publication and distribution of such source code has educational value and provides a net benefit to the security community.

What happens if someone breaks the rules?

There are a variety of actions that we may take when a user reports inappropriate behavior or content. It usually depends on the exact circumstances of a particular case. We recognize that sometimes people may say or do inappropriate things for any number of reasons. Perhaps they did not realize how their words would be perceived. Or maybe they just let their emotions get the best of them. Of course, sometimes, there are folks who just want to spam or cause trouble.

Each case requires a different approach, and we try to tailor our response to meet the needs of the situation that has been reported. We'll review each abuse report on a case-by-case basis. In each case, we will have a diverse team investigate the content and surrounding facts and respond as appropriate, using these guidelines to guide our decision.

Actions we may take in response to an abuse report include but are not limited to:

  • Content Removal
  • Content Blocking
  • Account Suspension
  • Account Termination

Legal Notices

We dedicate these Community Guidelines to the public domain for anyone to use, reuse, adapt, or whatever, under the terms of CC0-1.0.

These are only guidelines; they do not modify our Terms of Service and are not intended to be a complete list. GitHub retains full discretion under the Terms of Service to remove any content or terminate any accounts for activity that violates our Terms on Acceptable Use. These guidelines describe when we will exercise that discretion.


tonirmv commented Dec 9, 2020

From 1b87b58 Mon Sep 17 00:00:00 2001
From: tonirmv [email protected]
Date: Wed, 9 Dec 2020 13:57:18 -0700
Subject: [PATCH] # Security Policy ## Supported Versions Use this section to
tell people about which versions of your project are currently being
supported with security updates. | Version | Supported | | -------
| ------------------ | | 5.1.x | ✅ | | 5.0.x | ❌
| | 4.0.x | ✅ | | < 4.0 | ❌ |

Reporting a Vulnerability Use this section to tell people how to report a

vulnerability. Tell them where to go, how often they can expect to get an
update on a reported vulnerability, what to expect if the vulnerability is
accepted or declined, etc.

ci

SECURITY.md | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
create mode 100644 SECURITY.md

diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..034e848
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,21 @@
+# Security Policy
+
+## Supported Versions
+
+Use this section to tell people about which versions of your project are
+currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.1.x | ✅ |
+| 5.0.x | ❌ |
+| 4.0.x | ✅ |
+| < 4.0 | ❌ |
+
+## Reporting a Vulnerability
+
+Use this section to tell people how to report a vulnerability.
+
+Tell them where to go, how often they can expect to get an update on a
+reported vulnerability, what to expect if the vulnerability is accepted or
+declined, etc.
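Review bot: The body under "## Reporting a Vulnerability" is still instruction text addressed to the maintainer ("Use this section to tell people how to report a vulnerability."), so a reporter who opens SECURITY.md finds no contact address, no private reporting channel and no response timeline. Replace it with the actual reporting route and the expected update cadence. The "Supported Versions" section has the same problem: its lead sentence ("Use this section to tell people about which versions...") is unfilled guidance, and the rows 5.1.x, 5.0.x, 4.0.x and < 4.0 should be checked against this project's real release lines before the file is merged.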


@tonirmv tonirmv left a comment


Security policy

Supported versions

Use this section to tell people which versions of your project are
currently supported with security updates.

Version Supported
5.1.x :white_check_mark:
5.0.x :x:
4.0.x :white_check_mark:
<4.0 :x:

Reporting a vulnerability

Use this section to tell people how to report a vulnerability.

Tell them where to go, how often they can expect to receive an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc.


@tonirmv tonirmv left a comment


Security policy

Supported versions

Use this section to tell people which versions of your project are
currently supported with security updates.

Version Supported
5.1.x :white_check_mark:
5.0.x :x:
4.0.x :white_check_mark:
<4.0 :x:

Reporting a vulnerability

Use this section to tell people how to report a vulnerability.

Tell them where to go, how often they can expect to receive an update on a
reported vulnerability, what to expect if the vulnerability is accepted or
declined, etc.
