Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
As part of our project's periodic Eclipse Foundation progress review (1), we are encouraged to add a security policy file, for our project. I went with the miminal amount of information I thought was needed, not duplicating info from the EF policy. It should be a good first step, I think. In addition, I also modified the GitHub bug report issue template and PR template, to make it clear they're not meant to be used to disclose security vulnerabilities. A nice side-effect of adding SECURITY.md is that GitHub automatically adds an entry in our issue-submission page: "Report a security vulnerability", that has a button "View Policy" that opens our policy. There are some more seemingly nice GitHub project security features that could be enabled for our repo/project (with webmaster's help). We can consider them separately. (1): https://gitlab.eclipse.org/eclipsefdn/emo-team/emo/-/issues/64 Fixes #8795 Signed-off-by: Marc Dumais <[email protected]>
- Loading branch information