Skip to content

Security: wwmoraes/actions

Security

SECURITY.md

Security Guidelines

How security is managed on this project

Contributors take security seriously and wants to ensure that we maintain a secure environment for our customers and that we also provide secure solutions for the open source community. To help us achieve these goals, please note the following before using this software:

  • Review the software license to understand the contributor's obligations in terms of warranties and suitability for purpose
  • For any questions or concerns about security, you can create an issue or report a vulnerability
  • All security related issues and pull requests you make should be tagged with security for easy identification
  • Please monitor this repository and update your environment in a timely manner as we release patches and updates

Responsibly Disclosing Security Bugs

If you find a security bug in this repository, please work with contributors following responsible disclosure principles and these guidelines:

  • Do not submit a normal issue or pull request in our public repository, instead report it privately.
  • We will review your submission and may follow up for additional details
  • If you have a patch, we will review it and approve it privately; once approved for release you can submit it as a pull request publicly in the repository (we give credit where credit is due)
  • We will keep you informed during our investigation, feel free to check in for a status update
  • We will release the fix and publicly disclose the issue as soon as possible, but want to ensure we due properly due diligence before releasing
  • Please do not publicly blog or post about the security issue until after we have updated the public repo so that other downstream users have an opportunity to patch

Contact / Misc

If you have any questions, please reach out by creating an issue.

There aren’t any published security advisories