Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Security Policy #126

Closed
gabibguti opened this issue May 2, 2023 · 1 comment · Fixed by #127
Closed

Add Security Policy #126

gabibguti opened this issue May 2, 2023 · 1 comment · Fixed by #127

Comments

@gabibguti
Copy link
Contributor

Adding a Security Policy is important to provide guidance on how users can report potential vulnerabilities and communicate when vulnerabilities will be confirmed, fixed and disclosed to the public.

I recently recommended #118 and, like that change, this one also considered a good-practice and recommended by Github and Scorecard.

If you agree, I can open a PR to suggest a Security Policy! We can then work together to communicate how the repo can best handle vulnerability reports.

Additional Context

Hi again! I'm Gabriela and I work on behalf of Google and the OpenSSF suggesting supply-chain security changes :)
@lemire
Copy link
Member

lemire commented May 2, 2023

Sure ! Please go right ahead @gabibguti ! The following might be useful:

# Security Policy

## Reporting a Vulnerability

Please use the following contact information for reporting a vulnerability:

- [Daniel Lemire](https://github.com/lemire) - [email protected]

@gabibguti gabibguti mentioned this issue May 3, 2023
Merged
@gabibguti gabibguti mentioned this issue Aug 23, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add Security Policy gabibguti/bitset
2 participants
@lemire @gabibguti