Add security policy
Signed-off-by: Marcos Lilljedahl <marcosnils@gmail.com>
This commit is contained in:
Marcos Lilljedahl
16
.github/SECURITY.md
vendored
Normal file
16
.github/SECURITY.md
vendored
Normal file
@@ -0,0 +1,16 @@
|
||||
# Security Policy
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If there are any vulnerabilities in this project or in [the playground](https://labs.play-with-docker.com), don't hesitate to _report them_.
|
||||
|
||||
1. Write an email to marcosnils (at) gmail.com
|
||||
2. Describe the vulnerability.
|
||||
|
||||
If you have a fix, that is most welcome -- please attach or summarize it in your message!
|
||||
|
||||
3. We will evaluate the vulnerability and, if necessary, release a fix or mitigating steps to address it. We will contact you to let you know the outcome, and will credit you in the report.
|
||||
|
||||
Please **do not disclose the vulnerability publicly** until a fix is released!
|
||||
|
||||
4. Once we have either a) published a fix, or b) declined to address the vulnerability for whatever reason, you are free to publicly disclose it.
|
||||
Reference in New Issue
Block a user