diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..ec0098f04e --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,12 @@ +# Security Policy + +Thanks for helping make GitHub Open Source Software safe for everyone. + +GitHub takes the security of our software products and services seriously, including all of the open source code repositories managed through our GitHub organizations, such as [Octokit](https://github.com/octokit). + +Even though [open source repositories are outside of the scope of our bug bounty program](https://bounty.github.com/index.html#scope) and therefore not eligible for bounty rewards, we want to make sure that your finding gets passed along to the maintainers of this project for remediation. + + +## Reporting a Vulnerability + +Since this source is part of [Octokit](https://github.com/octokit) (a GitHub organization) we ask that you follow the guildlines [here](https://github.com/github/.github/blob/master/SECURITY.md#reporting-security-issues) to report anything that you might've found.
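Review bot: In the last added line, under "Reporting a Vulnerability", "guildlines" is a typo for "guidelines", and the link text "here" does not say where it leads; something like "follow the [guidelines for reporting security issues](https://github.com/github/.github/blob/master/SECURITY.md#reporting-security-issues)" would read better. That section also contains no reporting instructions of its own. It never names a contact channel or says whether a finding should stay out of the public issue tracker, so a reporter who does not follow the link learns nothing about how to disclose; consider adding one sentence that states the channel directly. The link is pinned to the `master` branch of github/.github and to a specific anchor, so it will break silently if the branch is renamed or the heading changes. Smaller points: there are two consecutive blank added lines before the "## Reporting a Vulnerability" heading where one would do, and "Since this source is part of Octokit (a GitHub organization)" would be clearer with a comma before "we ask".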