Add Support and Security metadata pages #1
Conversation
| You can submit any security issue or suspected vulnerability | ||
| on the GitHub Security pages of the project. |
There was a problem hiding this comment.
I feel like I'm missing something here. I would expect [email protected] here. Or is there a way to have some kind of "private issues" in GitHub for security?
There was a problem hiding this comment.
Turns out we can turn private issue reporting for vulnerabilites
https://docs.github.com/en/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
There was a problem hiding this comment.
It is something we should add to the project onboarding checklist IMHO.
But yeah, it becomes a useful thing for small projects
There was a problem hiding this comment.
Raised GradleUp/gradleup.github.io#2 for now
| GradleUp is a community driven project, | ||
| most of contributors and maintainers invest their personal time. | ||
| We do not guarantee a response or resolution | ||
| time for the submitted issues. | ||
| As it is written in the Apache License v2: |
| You can submit any security issue or suspected vulnerability | ||
| on the GitHub Security pages of the project. |
There was a problem hiding this comment.
Turns out we can turn private issue reporting for vulnerabilites
https://docs.github.com/en/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository
Co-authored-by: Martin Bonnin <[email protected]>
|
Merging to kick-off the site |
No description provided.