pypi-publish/.github/SECURITY.md

33 lines
885 B
Markdown
Raw Permalink Normal View History

# Security Policy
**⚠️ Please do not file public GitHub issues for security
vulnerabilities as they are open for everyone to see! ⚠️**
We encourage responsible disclosure practices for security
vulnerabilities.
## Supported Versions
Always update to the latest version of
this Action to keep up with security patches.
## Reporting a Vulnerability
If you believe you've found a security-related bug, we
prefer that you fill out a [vulnerability report on GitHub]
directly.
[vulnerability report on GitHub]:
//github.com/pypa/gh-action-pypi-publish/security/advisories/new
## Don't have a GitHub account?
Alternatively, drop an email to
``wk+gh-action-pypi-publish-security`` at ``sydorenko`` dot
``org`` dot ``ua`` instead of filing a ticket or posting to
_any_ public groups. We will try to assess the problem in
timely manner and disclose it in a responsible way.