Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds SECURITY.md and scanning workflow #1437

Merged
merged 1 commit into from
Apr 16, 2024
Merged

Adds SECURITY.md and scanning workflow #1437

merged 1 commit into from
Apr 16, 2024

Commits on Apr 16, 2024

  1. Adds SECURITY.md and scanning workflow 

    This adds SECURITY.md and a scanning workflow, using Trivy. In particular, this clarifies what we use to scan for vulnerabilities (Trivy, not anything else), and the only channel likely to be responded to on a significant issue (zipkin-admin email, not advisories as people ignored them).

This is the same approach as approved and merged in openzipkin/zipkin-reporter-java#267

Signed-off-by: Adrian Cole <adrian@tetrate.io>
    Adrian Cole committed Apr 16, 2024
    Configuration menu
    Copy the full SHA
    1667aa7 View commit details
    Browse the repository at this point in the history