This repository has been archived by the owner on Oct 9, 2023. It is now read-only.
Commit
Add initial section covering vuln disclosure (#36)
* Add initial section covering vuln disclosure

This PR adds one section (with two subsections) addressing vulnerability disclosure. The two halves are
1. Security researcher to maintainer disclosure
and
2. Maintainer to user/software consumer disclosure

The basic rationale for this addition is that vulnerabilities are often not clearly visible and people that don't know about vulns can't do anything about them.

Signed-off-by: laurentsimon <laurentsimon@google.com>

* Update published/npm.md

Co-authored-by: Jordan Harband <ljharb@gmail.com>
Signed-off-by: Jon <darakian@github.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>

* Update published/npm.md

Co-authored-by: Jordan Harband <ljharb@gmail.com>
Signed-off-by: Jon <darakian@github.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>

* Fix grammatical and spelling errors on `npm.md` (#31)

Signed-off-by: Randall <ran.dall@icloud.com>
Signed-off-by: Randall <ran.dall@icloud.com>

* Conform to main branch

Signed-off-by: Jonathan Moroney <darakian@github.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>

* Link to openssf security policy repo

Signed-off-by: Jonathan Moroney <darakian@github.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>

* Add initial section covering vuln disclosure

This PR adds one section (with two subsections) addressing vulnerability disclosure. The two halves are
1. Security researcher to maintainer disclosure
and
2. Maintainer to user/software consumer disclosure

The basic rationale for this addition is that vulnerabilities are often not clearly visible and people that don't know about vulns can't do anything about them.

Signed-off-by: laurentsimon <laurentsimon@google.com>
Signed-off-by: laurentsimon <laurentsimon@google.com>
Signed-off-by: Jon <darakian@github.com>
Signed-off-by: Randall <ran.dall@icloud.com>
Signed-off-by: Jonathan Moroney <darakian@github.com>
Signed-off-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
Co-authored-by: Jordan Harband <ljharb@gmail.com>
Co-authored-by: Randall <ran.dall@icloud.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>