You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi, I'm from Google working with the OpenSSF to improve supply-chain security in many open source projects.
I would like to suggest for RustCrypto/utils to create a Security Policy to the repo.
A Security Policy is a GitHub standard document (SECURITY.md) that can be seen in the "Security Tab" to instruct users about how to report vulnerability in the safest and most efficient way possible.
Together with this issue I'll submit one suggestion of Security Policy, feel free to edit it directly or ask me for editions until it is in compliance with how RustCrypto/utils would best handle vulnerability reports.
The text was updated successfully, but these errors were encountered:
Hi, I'm from Google working with the OpenSSF to improve supply-chain security in many open source projects.
I would like to suggest for RustCrypto/utils to create a Security Policy to the repo.
A Security Policy is a GitHub standard document (
SECURITY.md) that can be seen in the "Security Tab" to instruct users about how to report vulnerability in the safest and most efficient way possible.It is a Scorecard Recommendation (being one check of medium priority) and a Github Recommendation.
Together with this issue I'll submit one suggestion of Security Policy, feel free to edit it directly or ask me for editions until it is in compliance with how RustCrypto/utils would best handle vulnerability reports.
The text was updated successfully, but these errors were encountered: