mirror of
https://github.com/martinvonz/jj.git
synced 2024-12-24 12:48:55 +00:00
docs: add a SECURITY.md
I've set up a jj-security@googlegroups.com list. The template comes from Google's internal web. I have no experience with GitHub's Security Advisory database, but it seems like a good practice, so let's use it.
This commit is contained in:
parent
9ff422396a
commit
b6cac0c6aa
1 changed files with 7 additions and 0 deletions
7
SECURITY.md
Normal file
7
SECURITY.md
Normal file
|
@ -0,0 +1,7 @@
|
|||
To report a security issue, please
|
||||
email [Jujutsu VCS Security](jj-security@googlegroups.com)
|
||||
with a description of the issue, the steps you took to create the issue,
|
||||
affected versions, and, if known, mitigations for the issue. Our vulnerability
|
||||
management team will respond within 3 working days of your email. If the issue
|
||||
is confirmed as a vulnerability, we will open a Security Advisory. This project
|
||||
follows a 90 day disclosure timeline.
|
Loading…
Reference in a new issue