Merge pull request #1365 from urfave/security-policy-doc
Add a security policy document
This commit is contained in:
commit
939ab7f9e7
@ -55,11 +55,12 @@ further defined and clarified by project maintainers.
|
||||
## Enforcement
|
||||
|
||||
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
||||
reported by contacting Dan Buch at dan@meatballhat.com. All complaints will be
|
||||
reviewed and investigated and will result in a response that is deemed necessary
|
||||
and appropriate to the circumstances. The project team is obligated to maintain
|
||||
confidentiality with regard to the reporter of an incident. Further details of
|
||||
specific enforcement policies may be posted separately.
|
||||
reported by contacting urfave-governance@googlegroups.com, a members-only group
|
||||
that is world-postable. All complaints will be reviewed and investigated and
|
||||
will result in a response that is deemed necessary and appropriate to the
|
||||
circumstances. The project team is obligated to maintain confidentiality with
|
||||
regard to the reporter of an incident. Further details of specific enforcement
|
||||
policies may be posted separately.
|
||||
|
||||
Project maintainers who do not follow or enforce the Code of Conduct in good
|
||||
faith may face temporary or permanent repercussions as determined by other
|
||||
|
27
docs/SECURITY.md
Normal file
27
docs/SECURITY.md
Normal file
@ -0,0 +1,27 @@
|
||||
# Security Policy
|
||||
|
||||
Hello and thank you for your interest in the `urfave/cli` security
|
||||
policy! :tada: :lock:
|
||||
|
||||
## Supported Versions
|
||||
|
||||
| Version | Supported |
|
||||
| ------------ | ------------------------------------- |
|
||||
| `>= v2.3.x` | :white_check_mark: |
|
||||
| `< v2.3` | :x: |
|
||||
| `>= v1.22.x` | :white_check_mark: :lady_beetle: [^1] |
|
||||
| `< v1.22` | :x: |
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
Please disclose any vulnerabilities by sending an email to:
|
||||
|
||||
[urfave-security@googlegroups.com](mailto:urfave-security@googlegroups.com)
|
||||
|
||||
You should expect a response within 48 hours and further
|
||||
communications to be decided via email. The `urfave/cli` maintainer
|
||||
team comprises volunteers who contribute when possible, so please
|
||||
have patience :bow:
|
||||
|
||||
[^1]: The `v1.22.x` series will receive bug fixes and security
|
||||
patches only.
|
Loading…
Reference in New Issue
Block a user