Skip to content

Define a security policy #244

Description

@yeikel

Currently, we do not have any security policy in https://github.com/netplex/json-smart-v2/security or in the readme. That leaves security contributors without the adequate tools to report issues responsibly.

The recent issue GHSA-pq2g-wx69-c263 was not reported responsibly in my opinion as CVEs should ideally go public after there is a known fix

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions