Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add security policy #1480

Merged
merged 2 commits into from
Mar 23, 2022
Merged

feat: add security policy #1480

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d8ed3d6
feat: add security policy
hugorut Mar 22, 2022
4970bf8
Apply suggestions from code review
hugorut Mar 23, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
18 changes: 18 additions & 0 deletions SECURITY.md
View file
Open in desktop
@@ -0,0 +1,18 @@
# Security policy

## Reporting a vulnerability

If you believe you have found a security vulnerability within Infracost, please let us know right away. We'll try and fix the problem as soon as possible.

**Do not report vulnerabilities using public GitHub issues**. Instead, email [security@infracost.io](mailto:security@infracost.io) with a detailed account of the issue. Please submit one issue per email, this helps us triage vulnerabilities.

Once we've received your email we'll keep you updated as we fix the vulnerability.

## Supported versions

We release patches for security vulnerabilities as soon as they are found and fixed. Please refer to the below table to understand which CLI versions are eligible for security patches.

| Version | Supported |
|---------|------------|
| 0.9.x | ✅ |
| < 0.9.0 | ❌ |