mirror of
https://github.com/wneessen/niljson.git
synced 2024-12-23 02:40:38 +01:00
Merge pull request #22 from wneessen/fix-21
Some checks failed
CodeQL / Analyze (push) Failing after 1s
golangci-lint / lint (push) Failing after 1s
Govulncheck Security Scan / test (push) Failing after 1s
REUSE Compliance Check / test (push) Failing after 1s
Scorecard supply-chain security / Scorecard analysis (push) Failing after 1s
SonarQube / Build and analyze (push) Failing after 1s
Some checks failed
CodeQL / Analyze (push) Failing after 1s
golangci-lint / lint (push) Failing after 1s
Govulncheck Security Scan / test (push) Failing after 1s
REUSE Compliance Check / test (push) Failing after 1s
Scorecard supply-chain security / Scorecard analysis (push) Failing after 1s
SonarQube / Build and analyze (push) Failing after 1s
Add SECURITY.md for reporting vulnerabilities
This commit is contained in:
commit
1bdfdf8b56
1 changed files with 38 additions and 0 deletions
38
SECURITY.md
Normal file
38
SECURITY.md
Normal file
|
@ -0,0 +1,38 @@
|
|||
<!--
|
||||
SPDX-FileCopyrightText: 2024 Winni Neessen <wn@neessen.dev>
|
||||
|
||||
SPDX-License-Identifier: CC0-1.0
|
||||
-->
|
||||
|
||||
# Security Policy
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
To report (possible) security issues in niljson, please either send a mail to
|
||||
[wn@neessen.dev](mailto:wn@neessen.dev) or use Github's
|
||||
[private reporting feature](https://github.com/wneessen/niljson/security/advisories/new).
|
||||
Reports are always welcome. Even if you are not 100% certain that a specific issue you found
|
||||
counts as a security issue, we'd love to hear the details, so we can figure out together if
|
||||
the issue in question needds to be addressed.
|
||||
|
||||
Typically, you will receive an answer within a day or even within a few hours.
|
||||
|
||||
## Encryption
|
||||
You can send OpenPGP/GPG encrpyted mails to the [wn@neessen.dev](mailto:wn@neessen.dev) address.
|
||||
|
||||
OpenPGP/GPG public key:
|
||||
```
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
xjMEY8XedRYJKwYBBAHaRw8BAQdAVPb7jn5V7TPWh7lODBPm9SOgS568Plsk
|
||||
prDUK/kZWiTNH3duQG5lZXNzZW4uZGV2IDx3bkBuZWVzc2VuLmRldj7CjAQQ
|
||||
FgoAPgUCY8XedQQLCQcICRC0L3U6o8fYrQMVCAoEFgACAQIZAQIbAwIeARYh
|
||||
BK6dDe0sVXaVAlOuqrQvdTqjx9itAACfPAEAs1SvBmpVk540On+UEdHCbzP0
|
||||
aD7bngxm2pUe4+ynzCMBAMt1bZSRaRzItYxiJvXzYH48Z9J6n06eWQbr7wwe
|
||||
YBEDzjgEY8XedRIKKwYBBAGXVQEFAQEHQGTblfiuHDaOL72GnBpKTl4dJqxs
|
||||
g0ZfOmD2Sfrmdd89AwEIB8J4BBgWCAAqBQJjxd51CRC0L3U6o8fYrQIbDBYh
|
||||
BK6dDe0sVXaVAlOuqrQvdTqjx9itAADFrAD8D54IStjrrHlH1cpKCkW60mMB
|
||||
Rsn++p/UorLoKfhQa3IA/3p3lWhGZ1RYfj35oFGh2bBu1NYDFr5RPYu2dDsO
|
||||
D10A
|
||||
=EyfK
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
```
|
Loading…
Reference in a new issue