Commit eaad025

Merge pull request #4 from MacPaw/develop
Release 0.1
2 parents 02c5059 + 9abba1f commit eaad025

2 files changed

+47
-0
lines changed

.github/workflows/security.yaml

Lines changed: 24 additions & 0 deletions
@@ -0,0 +1,24 @@
1+
on:
2+
pull_request:
3+
push:
4+
branches: [ main, develop ]
5+
6+
jobs:
7+
security-checker:
8+
name: Security checker
9+
runs-on: ubuntu-latest
10+
steps:
11+
- name: Checkout
12+
uses: actions/checkout@v2
13+
14+
- name: Setup PHP
15+
uses: shivammathur/setup-php@v2
16+
17+
- name: Install dependencies
18+
run: composer install --no-progress --no-interaction --prefer-dist
19+
20+
- name: Download local-php-security-checker
21+
run: curl -s -L -o local-php-security-checker https://github.com/fabpot/local-php-security-checker/releases/download/v1.0.0/local-php-security-checker_1.0.0_linux_amd64
22+
23+
- name: Run local-php-security-checker
24+
run: chmod +x local-php-security-checker && ./local-php-security-checker
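
Review bot: the binary fetched on line 21 is made executable and run on line 24 with no integrity check, so whatever the release URL returns is executed inside the job. Pin the expected SHA-256 of `local-php-security-checker_1.0.0_linux_amd64` in the workflow (placeholder: `<sha256-of-release-asset>`) and verify it with `sha256sum -c` before the `chmod +x`. Also add `--fail` to the `curl -s -L` call so that an HTTP error stops the step instead of saving the error body as the "binary". Two smaller points in the same file: `actions/checkout@v2` and `shivammathur/setup-php@v2` are referenced by mutable tags and could be pinned to full commit SHAs, and the workflow has no `permissions:` block, so a top-level `permissions: contents: read` would keep the token scoped to what a read-only audit job needs.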

SECURITY.md

Lines changed: 23 additions & 0 deletions
@@ -0,0 +1,23 @@
1+
# Security Policy
2+
3+
## Reporting Security Issues
4+
If you believe you have found a security vulnerability in any MacPaw-owned repository, please report it to us through coordinated disclosure.
5+
6+
Please do not report security vulnerabilities through public GitHub issues, discussions, or pull requests.
7+
8+
Instead, please send an email to security[@]macpaw.com.
9+
10+
Please include as much of the information listed below as you can to help us better understand and resolve the issue:
11+
12+
- The type of issue (e.g., buffer overflow, SQL injection, or cross-site scripting)
13+
- Full paths of source file(s) related to the manifestation of the issue
14+
- The location of the affected source code (tag/branch/commit or direct URL)
15+
- Any special configuration required to reproduce the issue
16+
- Step-by-step instructions to reproduce the issue
17+
- Proof-of-concept or exploit code (if possible)
18+
- Impact of the issue, including how an attacker might exploit the issue
19+
20+
This information will help us triage your report more quickly.
21+
22+
## Policy
23+
See MacPaw's [Vulnerability Disclosure Policy](https://macpaw.com/vulnerability-disclosure-policy)
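
Review bot: line 8 is the only reporting channel and it is plain e-mail, while line 17 asks reporters to attach proof-of-concept or exploit code. The file gives no encrypted option for sending that material and no indication of when a reporter should expect an acknowledgement. Consider adding a PGP key (or another encrypted channel) and an expected response time, or stating that the policy linked on line 23 covers both. The address is also written as `security[@]macpaw.com`; if the obfuscation is intentional, a short note on the real form would avoid mis-addressed reports.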
