Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add security policy #674

Closed
pnacht opened this issue Jun 6, 2023 · 0 comments
Closed

Add security policy #674

pnacht opened this issue Jun 6, 2023 · 0 comments

Comments

@pnacht
Copy link

pnacht commented Jun 6, 2023

A security policy (SECURITY.md) explains how the project wishes to receive and handle responsible disclosure of potential vulnerabilities. GitHub recommends that projects have one.

The security policy can be found by users who enter the project's "Security" panel. They'll also see references to it in the "New issue" page.

There are two main ways to receive disclosures:

If you want to use GitHub's reporting system, it must be activated for the repository:

  1. Open the repo's settings
  2. Click on Code security & analysis
  3. Click "Enable" for "Private vulnerability reporting"

I'll send a PR with a draft policy along with this issue.

Alternatively, the policy can be created in a json-iterator/.github repository. In this case, the policy will be available in all of the org's repos.

Disclosure: My name is Pedro and I work with Google and the Open Source Security Foundation (OpenSSF) to improve the supply-chain security of the open-source ecosystem.
@pnacht pnacht mentioned this issue Jun 6, 2023
Closed
@pnacht pnacht closed this as not planned Won't fix, can't repro, duplicate, stale Nov 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add security policy pnacht/json-iterator-go
1 participant
@pnacht