mirror of
https://github.com/wneessen/logranger.git
synced 2024-11-22 12:50:50 +01:00
Winni Neessen
42e89bc2bb
Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
1.5 KiB
1.5 KiB
Security Policy
Reporting a Vulnerability
To report (possible) security issues in js-mailer, please either send a mail to security@neessen.dev or use Github's private reporting feature. Reports are always welcome. Even if you are not 100% certain that a specific issue you found counts as a security issue, we'd love to hear the details, so we can figure out together if the issue in question needds to be addressed.
Typically, you will receive an answer within a day or even within a few hours.
Encryption
You can send OpenPGP/GPG encrpyted mails to the security@neessen.dev address.
OpenPGP/GPG public key:
-----BEGIN PGP PUBLIC KEY BLOCK-----
xjMEZfdSjxYJKwYBBAHaRw8BAQdA8YoxV0iaLJxVUkBlpC+FQyOiCvWPcnnk
O8rsfRHT22bNK3NlY3VyaXR5QG5lZXNzZW4uZGV2IDxzZWN1cml0eUBuZWVz
c2VuLmRldj7CjAQQFgoAPgWCZfdSjwQLCQcICZAajWCli0ncDgMVCAoEFgAC
AQIZAQKbAwIeARYhBB6X6h8oUi9vvjcMFxqNYKWLSdwOAACHrQEAmfT2HNXF
x1W0z6E6PiuoHDU6DzZ1MC6TZkFfFoC3jJ0BAJZdZnf6xFkVtEAbxNIVpIkI
zjVxgI7gefYDXbqzQx4PzjgEZfdSjxIKKwYBBAGXVQEFAQEHQBdOGYxMLrCy
+kypzTe9jgaEOjob2VVsZ2UV2K9MGKYYAwEIB8J4BBgWCgAqBYJl91KPCZAa
jWCli0ncDgKbDBYhBB6X6h8oUi9vvjcMFxqNYKWLSdwOAABIFAEA3YglATpF
YrJxatxHb+yI6WdhhJTA2TaF2bxBl10d/xEA/R5CKbMe3kj647gjiQ1YXQUh
dM5AKh9kcJn6FPLEoKEM
=nm5C
-----END PGP PUBLIC KEY BLOCK-----