Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix #196, Add Testing Tools to the Security Policy #197

Merged
merged 1 commit into from
Mar 4, 2021
Merged

Fix #196, Add Testing Tools to the Security Policy #197

merged 1 commit into from
Mar 4, 2021

Conversation

ArielSAdamsNASA
Copy link
Contributor

@ArielSAdamsNASA ArielSAdamsNASA commented Feb 23, 2021
edited
Loading

Describe the contribution
Fix #196
Updated the Security Policy to include the type of testing done for cFS under a new section titled "Testing". Provided a disclaimer that under the Apache license, liability is not provided.

Expected behavior changes
Users should now be aware of the type of testing cFS undergoes.

Additional context
References:
https://github.com/thanos-io/thanos/security/policy
https://github.com/phpMussel/phpMussel/security/policy
https://github.com/timberio/vector/security/policy

Contributor Info - All information REQUIRED for consideration of pull request
Ariel Adams, ASRC Federal

@ArielSAdamsNASA ArielSAdamsNASA added the CCB:Ready Pull request is ready for discussion at the Configuration Control Board (CCB) label Feb 24, 2021
@astrogeco
Copy link
Contributor

Rename title to reflect the change. "Update" is too vague.

@astrogeco
Copy link
Contributor

astrogeco commented Feb 24, 2021
edited
Loading

Probably update the Issue title first

@ArielSAdamsNASA ArielSAdamsNASA changed the title Fix #196, Update the Security Policy Fix #196, Add Testing Tools to the Security Policy Feb 24, 2021
@astrogeco astrogeco removed the CCB:Ready Pull request is ready for discussion at the Configuration Control Board (CCB) label Feb 24, 2021
@ArielSAdamsNASA
Copy link
Contributor Author

ArielSAdamsNASA commented Feb 24, 2021
edited
Loading

  1. Removed:

For vulnerabilities dealing with authentication, authorization, data integrity, or encryption please email us at [email protected]. Please include a description of the vulnerability, steps to reproduce the vulnerability, expected behavior, code snippets, system observed on, any additional context, and your name and organization.

  1. Added links to the cFS workflows, results, and where to find more information for each tool.
  2. Removed numbering and added headers instead
  3. Moved disclaimer from the bottom of the Testing section to the top of the Testing section
  4. Added commas where needed
  5. Updated issue and PR title to be more detailed

@ArielSAdamsNASA
Copy link
Contributor Author

ArielSAdamsNASA commented Mar 4, 2021
edited
Loading

  1. Added a new section titled "Security Reports". Instructed users to email us at [email protected] to submit security reports and findings.
  2. Update Additional Support section. Allow users to submit GitHub questions or email us for support.

The security policy is completed once reviewed and approved.

astrogeco
astrogeco suggested changes Mar 4, 2021
View reviewed changes
SECURITY.md Show resolved Hide resolved
SECURITY.md Outdated Show resolved Hide resolved
SECURITY.md Outdated Show resolved Hide resolved
SECURITY.md Outdated Show resolved Hide resolved
@astrogeco astrogeco changed the base branch from main to integration-candidate March 4, 2021 21:55
@astrogeco astrogeco merged commit 0e470f6 into nasa:integration-candidate Mar 4, 2021
@astrogeco astrogeco mentioned this pull request Mar 4, 2021
Merged
chillfig pushed a commit to chillfig/cFS that referenced this pull request Mar 17, 2022
@skliper
Fix nasa#197, Resolve uninitialized variables in UT
c4773cb
chillfig pushed a commit to chillfig/cFS that referenced this pull request Mar 17, 2022
@astrogeco
Merge pull request nasa#198 from skliper/fix197-uninit_var
dbb94ab 
Fix nasa#197, Resolve uninitialized variables in UT
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@astrogeco astrogeco astrogeco requested changes

Assignees
No one assigned
Labels
CCB:FastTrack docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add Testing Tools to the Security Policy
3 participants
@ArielSAdamsNASA @astrogeco @arielswalker