-
Notifications
You must be signed in to change notification settings - Fork 207
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Testing Tools to the Security Policy #836
Comments
jphickey
pushed a commit
to jphickey/osal
that referenced
this issue
Aug 10, 2022
jphickey
pushed a commit
to jphickey/osal
that referenced
this issue
Aug 10, 2022
Fix nasa#836, Replace CFE_MISSION_SPACECRAFT_ID with CFE_PSP_GetSpacecraftId()
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Users are unaware of how cFS/osal is tested. By providing this information, transparency is provided to the community which promotes trust.
Describe the solution you'd like
The security policy should inform users what tools are being used to test cFS/osal while being cautious of liability issues. To do so, we can state explicitly that our software does not provide liability under the Apache license. The security policy should inform users that they may view the LGTM results. The policy would state that the alerts from LGTM may not be accurate, since they cannot be dismissed.
Add that security report should be emailed.
Additional context
References: https://github.com/thanos-io/thanos/security/policy
Requester Info
Ariel Adams, ASRC Federal
The text was updated successfully, but these errors were encountered: