Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feature: disable check for security policy in Repolint configuration files #39

Open
lucasgonze opened this issue Sep 27, 2023 · 1 comment

Comments

@lucasgonze
Copy link

The Repolinter Rulesets check for existence of a SECURITY.md link. We should consider disabling this. There is now a default security policy in the .github repo at https://github.com/newrelic/.github/blob/main/SECURITY.md. There is a link to that global default in the "About" menu on every repository.As a result any other repository that lacks a policy of its own will still have a security policy and a well-known UX path to it.

image

The global default policy is probably better than most projects will do on their own, so nudging projects to make their own security policy may actually decrease security.

Eliminating a Ruleset check reduces work for maintainers and creates engineering efficiencies.

@lucasgonze
Copy link
Author

lucasgonze commented Sep 27, 2023

image

lucasgonze added a commit to lucasgonze/.github that referenced this issue Sep 28, 2023
… for either long-form HTML (as the previous regex was checking for) OR short-form markdown (which was suggested in the past).

Remove checks for SECURITY.md links to address newrelic#39

Signed-off-by: Lucas Gonze <[email protected]>
lucasgonze added a commit to lucasgonze/.github that referenced this issue Sep 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant