chore: add security policy #188

Merged
merged 2 commits into from
Jan 9, 2025


cjdcordeiro
Collaborator

  • Have you signed the CLA?

Add a security policy (SECURITY.md file) to the repo.

@cjdcordeiro cjdcordeiro added the Simple Nice for a quick look on a minute or two label Jan 7, 2025
@zhijie-yang

This is a simple security.md yet provides enough information for users to submit vulnerability findings. I'm just wondering if we should adopt a similar structure as the one in the multipass repo.

Even though we want to keep it simple, I would suggest adding the title "Security Policy" and the header "Reporting a Vulnerability" before the proposed contents.

@cjdcordeiro
Collaborator Author

> This is a simple security.md yet provides enough information for users to submit vulnerability findings. I'm just wondering if we should adopt a similar structure as the one in the multipass repo.
>
> Even though we want to keep it simple, I would suggest adding the title "Security Policy" and the header "Reporting a Vulnerability" before the proposed contents.

This is actually the template that is being mandated by Security and already adopted by many repos.

As for the Title and subtitle, they feel a bit redundant in the absence of other sections but I don't mind adding them (done).

@zhijie-yang zhijie-yang left a comment

Thanks! This looks nice to me.

Collaborator

@letFunny letFunny left a comment

Thanks for this!

@cjdcordeiro cjdcordeiro merged commit 03f5597 into canonical:main Jan 9, 2025
14 of 15 checks passed
@cjdcordeiro cjdcordeiro deleted the ROCKS-1500/security-policy branch January 9, 2025 11:09
3 participants