chore: add SECURITY.md
This commit is contained in:
parent
f92c8ee91d
commit
871e8276ff
1 changed files with 21 additions and 0 deletions
21
SECURITY.md
Normal file
21
SECURITY.md
Normal file
|
@ -0,0 +1,21 @@
|
|||
# Security Policy
|
||||
|
||||
## Supported Versions
|
||||
|
||||
The latest release of *dufs* is supported. The fixes for any security issues found will be included
|
||||
in the next release.
|
||||
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please [use *dufs*'s security advisory reporting tool provided by
|
||||
GitHub](https://github.com/sigoden/dufs/security/advisories/new) to report security issues.
|
||||
|
||||
We strive to fix security issues as quickly as possible. Across the industry, often the developers'
|
||||
slowness in developing and releasing a fix is the biggest delay in the process; we take pride in
|
||||
minimizing this delay as much as we practically can. We encourage you to also minimize the delay
|
||||
between when you find an issue and when you contact us. You do not need to convince us to take your
|
||||
report seriously. You don't need to create a PoC or a patch if that would slow down your reporting.
|
||||
You don't need an elaborate write-up. A short, informal note about the issue is good. We can always
|
||||
communicate later to fill in any details we need after that first note is shared with us.
|
||||
|
Loading…
Reference in a new issue