Commit 0dab5b8

Add SECURITY.md (#33)
1 parent 37c878a commit 0dab5b8

2 files changed

Lines changed: 16 additions & 0 deletions

DragonBundles.slnx

Lines changed: 3 additions & 0 deletions
@@ -1,7 +1,10 @@
11
<Solution>
22
<Folder Name="/docs/">
33
<File Path="CLAUDE.md" />
4+
<File Path="CODE_OF_CONDUCT.md" />
5+
<File Path="CONTRIBUTING.md" />
46
<File Path="README.md" />
7+
<File Path="SECURITY.md" />
58
</Folder>
69
<Folder Name="/src/">
710
<Project Path="src/DragonBundles/DragonBundles.csproj" />
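
Review bot: the two added entries for CODE_OF_CONDUCT.md and CONTRIBUTING.md (new lines 4 and 5) reference files this commit does not add; the commit changes only DragonBundles.slnx and SECURITY.md and is titled "Add SECURITY.md". Please confirm both files already exist at the repository root, otherwise the solution carries dangling items in the /docs/ folder. If they do exist, mention them in the commit message or move them to their own commit so this one stays scoped to the security policy.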

SECURITY.md

Lines changed: 13 additions & 0 deletions
@@ -0,0 +1,13 @@
1+
# 🐉 dragon-bundles: security policy
2+
3+
## supported versions
4+
5+
DragonBundles is pre-1.0. Only the latest published 0.x release receives security fixes; older versions are not patched.
6+
7+
## reporting a vulnerability
8+
9+
Please do not open a public issue for security problems.
10+
11+
Use GitHub's [private vulnerability reporting](https://github.com/cadamsmith/dragon-bundles/security/advisories/new) to file a draft advisory. Include a description of the issue and its impact, the affected version(s), a minimal reproduction, and any suggested mitigation.
12+
13+
Expect an initial response within 5 business days. If the report is confirmed, a fix and coordinated disclosure timeline are discussed in the advisory thread before any public disclosure.
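
Review bot: the reporting section (new lines 9 to 11) gives GitHub private vulnerability reporting as the only channel, with no fallback. That link works only when the feature is enabled in the repository settings, so verify it is enabled before merging, and consider naming a second contact for reporters who cannot use it. On new line 13, the 5 business day response commitment would be more useful with a sentence on what the reporter should do if that window passes without a reply.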
