Create a Security Policy #1301
🚀 Feature
Hi, I'd like to suggest that docker-python defines a security policy in order to guide users on how to safely report any vulnerability found.
Motivation
The security policy is a GitHub standard feature that appears in both the Security Dashboard and the project "About" area.
It is important to guide the reporter on the best way to report the vulnerability in a safe and efficient way.
Additional context
About area with security policy:
![image](https://private-user-images.githubusercontent.com/22223372/269419928-4a434ced-5a9b-4457-89a1-604010ff4d7a.png)
Disclosure: I work at Google by contributing to the open source community in order to improve their supply-chain security.