diff --git a/.github/workflows/azure-preview-env-deploy.yml b/.github/workflows/azure-preview-env-deploy.yml index 85b5595b2d1d..75f6085dae8c 100644 --- a/.github/workflows/azure-preview-env-deploy.yml +++ b/.github/workflows/azure-preview-env-deploy.yml @@ -75,7 +75,7 @@ jobs: password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - if: ${{ env.IS_PUBLIC_BUILD == 'true' }} name: Check out main branch diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml index 2ee8931ccf24..ae229d19dccf 100644 --- a/.github/workflows/azure-prod-build-deploy.yml +++ b/.github/workflows/azure-prod-build-deploy.yml @@ -46,7 +46,7 @@ jobs: password: ${{ secrets.PROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - name: Check out repo uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 diff --git a/.github/workflows/main-preview-docker-cache.yml b/.github/workflows/main-preview-docker-cache.yml index 87f4c9bc461b..ebb1643f73bf 100644 --- a/.github/workflows/main-preview-docker-cache.yml +++ b/.github/workflows/main-preview-docker-cache.yml @@ -42,7 +42,7 @@ jobs: password: ${{ secrets.NONPROD_REGISTRY_PASSWORD }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@94ab11c41e45d028884a99163086648e898eed25 + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 - name: Check out repo uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000000..034e84803209 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc.