Skip to content

Commit

Permalink
Add SECURITY.md file (#3201)
Browse files Browse the repository at this point in the history 
The policy for reporting security vulnerabilities is already
clearly stated, but some reporters may only look for it in a
"SECURITY.md" file.

This commit adds a SECURITY.md file, with the same contents
as the README file about reporting vulnerabilities.
That way, when someone is trying to report a vulnerability while
in a panic, we'll increase the odds that they find that information :-).

Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
  • Loading branch information
@david-a-wheeler
david-a-wheeler committed Aug 24, 2023
1 parent 1e9bac4 commit d557f47
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# Security

Should you discover any security issues, please refer to sigstore's [security
process](https://github.com/sigstore/.github/blob/main/SECURITY.md)

0 comments on commit d557f47

Please sign in to comment.