🔐 Add a security policy and a well-known security URI (#428)
Co-authored-by: Ainali <ainali.jan@gmail.com>
Abbe98 and Ainali authored Oct 23, 2024
1 parent 339ab7d commit 2e667df
Showing 3 changed files with 20 additions and 5 deletions.
10 changes: 10 additions & 0 deletions SECURITY.md
@@ -0,0 +1,10 @@
# Govdirectory Security Policy

## Scope

This policy is intended for all resources available on `*.govdirectory.org*` and any repository in the Govdirectory GitHub organization.

## Reporting a Vulnerability

You can privately report a vulnerability to the Govdirectory team by [creating a security advisory on GitHub](https://github.com/govdirectory/website/security/advisories/new). This report will be kept private while it is being assessed by the team.
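
Review bot: the Scope pattern `*.govdirectory.org*` ends in a second asterisk, which read as a glob also matches any hostname that merely starts with `govdirectory.org`, and the leading `*.` leaves out the apex domain that the security.txt Canonical URL in this same commit is served from. Suggest listing `govdirectory.org` and `*.govdirectory.org` explicitly. The Reporting section would also benefit from a sentence on what a reporter should include and what happens after the team has assessed the report, since the text only says the report stays private during assessment.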

5 changes: 5 additions & 0 deletions static/.well-known/security.txt
@@ -0,0 +1,5 @@
Contact: https://github.com/govdirectory/website/security
Preferred-Languages: en
Canonical: https://govdirectory.org/.well-known/security.txt
Policy: https://github.com/govdirectory/website/blob/main/SECURITY.md
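
Review bot: the file has no `Expires` field, which RFC 9116 requires in every security.txt alongside `Contact`, so validators will flag it as invalid. Suggest adding an `Expires:` line with an ISO 8601 timestamp (the RFC recommends less than a year ahead) and noting in the repository who refreshes it. Separately, `Contact` points at the repository's `/security` page while SECURITY.md links straight to `/security/advisories/new`; using the advisory form URL here too would save reporters a step.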

10 changes: 5 additions & 5 deletions templates/standard-for-public-code.html
Expand Up @@ -366,7 +366,7 @@ <h2><a href="https://standard.publiccode.net/criteria/welcome-contributors.html"

<h2><a href="https://standard.publiccode.net/criteria/make-contributing-easy.html" class="dark-link">Make contributing easy</a></h2>

&#9744;<!-- &#9745; --> criterion met.
&#9745;<!-- &#9745; --> criterion met.

<table id="make-contributing-easy" style="width:100%">
<tr><th class="js-sort-none">Meets</th><th class="js-sort-none">Requirement</th><th class="js-sort-none" style="width:25%">Notes and links</th></tr>
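
Review bot: style point on the changed checkbox line: after the change the active glyph and the commented-out alternative are both `&#9745;`, so the comment no longer records the other state. If the comment is there to make toggling easy, swap it to `<!-- &#9744; -->`, otherwise drop it.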
Expand Down Expand Up @@ -408,25 +408,25 @@ <h2><a href="https://standard.publiccode.net/criteria/make-contributing-easy.htm

<tr>
<td>

Ok
</td>
<td>
There MUST be a way to report security issues for responsible disclosure over a closed channel.
</td>
<td>

<a href="https://github.com/govdirectory/website/security/advisories">GitHub's security advisories</a>
</td>
</tr>

<tr>
<td>

Ok
</td>
<td>
The documentation MUST include instructions for how to report potentially security sensitive issues.
</td>
<td>

<a href="https://github.com/govdirectory/website/blob/main/SECURITY.md">SECURITY.md</a>
</td>
</tr>
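
Review bot: the Notes link for the closed-channel requirement goes to `/security/advisories`, which is the list of advisories rather than the private reporting form. SECURITY.md in this commit uses `/security/advisories/new` and security.txt uses `/security`, so the three entry points disagree. Suggest pointing this cell at the same URL as SECURITY.md, or at SECURITY.md itself, so the evidence for the MUST is the actual reporting channel.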
