Skip to content

docs: add security policy#36873

Merged
crazywoola merged 1 commit into
langgenius:mainfrom
bmtriet:codex/add-security-policy
Jun 1, 2026
Merged

docs: add security policy#36873
crazywoola merged 1 commit into
langgenius:mainfrom
bmtriet:codex/add-security-policy

Conversation

@bmtriet
Copy link
Copy Markdown
Contributor

@bmtriet bmtriet commented May 31, 2026

Summary

  • add SECURITY.md with the existing private GitHub Security Advisory reporting path
  • ask reporters not to disclose vulnerabilities in public issues, discussions, or PRs
  • add concise guidance on what to include in private reports and how disclosure/security updates are handled

Closes #36692.

Verification

  • Confirmed SECURITY.md and .github/SECURITY.md were not present via GitHub Contents API
  • Confirmed the repo already exposes the private advisory contact link
  • Ran git diff --check

This is documentation only. No credentials, account access, private data, or vulnerability details are included.

@dosubot dosubot Bot added the size:S This PR changes 10-29 lines, ignoring generated files. label May 31, 2026
@dosubot dosubot Bot added the lgtm This PR has been approved by a maintainer label Jun 1, 2026
@crazywoola crazywoola merged commit 72e040e into langgenius:main Jun 1, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@crazywoola crazywoola crazywoola approved these changes

@laipz8200 laipz8200 Awaiting requested review from laipz8200 laipz8200 is a code owner

Assignees

No one assigned

Labels

lgtm This PR has been approved by a maintainer size:S This PR changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[SECURITY] Missing SECURITY.md — no vuln reporting channel for 142K-star project

2 participants

@bmtriet @crazywoola