Skip to content

docs: Add SECURITY.md#2551

Merged
duwenxin99 merged 5 commits intomainfrom
security-doc
Mar 30, 2026
Merged

docs: Add SECURITY.md#2551
duwenxin99 merged 5 commits intomainfrom
security-doc

Conversation

@duwenxin99
Copy link
Copy Markdown
Contributor

@duwenxin99 duwenxin99 commented Feb 24, 2026
edited
Loading

Update GitHub workflow security to align with Google Open Source security requirements.

@duwenxin99 duwenxin99 requested a review from a team as a code owner February 24, 2026 02:16
@gemini-code-assist
Copy link
Copy Markdown
Contributor

gemini-code-assist bot commented Feb 24, 2026

Summary of Changes

Hello @duwenxin99, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces a new SECURITY.md file to the repository. This document provides clear guidelines for users and researchers on how to responsibly disclose security vulnerabilities, ensuring that any potential issues can be reported and addressed efficiently by the project's vulnerability management team.

Highlights

  • New Security Policy Document: A SECURITY.md file has been added to the repository, outlining the process for reporting security vulnerabilities.
Changelog
  • SECURITY.md
    • Added a new security policy document.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

gemini-code-assist[bot]
gemini-code-assist bot reviewed Feb 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds a SECURITY.md file to the repository, which outlines the process for reporting security vulnerabilities. My review includes a suggestion to improve the clarity and functionality of the contact email link within this new policy file.

averikitsch
averikitsch reviewed Feb 27, 2026
View reviewed changes
@Yuan325 Yuan325 added the priority: p1 Important issue which blocks shipping the next release. Will be fixed prior to next release. label Mar 11, 2026
duwenxin99 and others added 3 commits March 29, 2026 23:16
@duwenxin99
docs: Add SECURITY.md
a77be55
@duwenxin99 @gemini-code-assist
Update SECURITY.md
30d9ebb 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@duwenxin99
replace email with google group email
9b8bde2
@Yuan325 Yuan325 added the release candidate Use label to signal PR should be included in the next release. label Mar 30, 2026
@duwenxin99 duwenxin99 enabled auto-merge (squash) March 30, 2026 17:42
@duwenxin99 duwenxin99 merged commit 4baf758 into main Mar 30, 2026
20 checks passed
@duwenxin99 duwenxin99 deleted the security-doc branch March 30, 2026 18:01
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Mar 30, 2026

🧨 Preview deployments removed.

Cloudflare Pages environments for pr-2551 have been deleted.

github-actions bot pushed a commit to NirajNandre/genai-toolbox-fork that referenced this pull request Mar 30, 2026
@NirajNandre
deploy: docs: Add SECURITY.md (googleapis#2551)
70e384a 
Update GitHub workflow security to align with [Google Open Source
security
requirements](https://opensource.google/documentation/reference/github/security).

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 4baf758
github-actions bot pushed a commit to NirajNandre/genai-toolbox-fork that referenced this pull request Mar 30, 2026
@NirajNandre
deploy: docs: Add SECURITY.md (googleapis#2551)
7f46d9e 
Update GitHub workflow security to align with [Google Open Source
security
requirements](https://opensource.google/documentation/reference/github/security).

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> 4baf758
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@averikitsch averikitsch averikitsch left review comments

@Yuan325 Yuan325 Yuan325 approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@Yuan325 Yuan325

Labels

priority: p1 Important issue which blocks shipping the next release. Will be fixed prior to next release. release candidate Use label to signal PR should be included in the next release.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@duwenxin99 @averikitsch @Yuan325