security reporting

This commit is contained in:
cupcakearmy 2022-09-10 13:13:09 +02:00
parent 024dfeeeb7
commit 4287cd429d
No known key found for this signature in database
GPG Key ID: 3235314B4D31232F
2 changed files with 22 additions and 0 deletions

View File

@ -155,6 +155,10 @@ pnpm run ci:server
pnpm run test:local
```
## Security
Please refer to the security section [here](./SECURITY.md).
###### Attributions
- Test data:

18
SECURITY.md Normal file
View File

@ -0,0 +1,18 @@
# Security Policy
## Supported Versions
Please ensure that you are using the latest major version available.
| Version | Supported |
| ------- | --------- |
| 2.x | ✅ |
| < 1.x | |
## Reporting a vulnerability
_cryptgeon_ has a full disclosure vulnerability policy.
Report any bug / vulnerability directly to the [issue tracker](https://github.com/cupcakearmy/cryptgeon/issues).
Please do NOT attempt to report any security vulnerability in this code privately to anybody.
> Shamefully copied of the [ring security section](https://github.com/briansmith/ring#bug-reporting).