mirror of
https://github.com/pypa/gh-action-pypi-publish.git
synced 2024-11-25 10:01:02 -05:00
Migrate security doc from RST to Markdown
RST files are no longer correctly recognized by GitHub.
This commit is contained in:
parent
8cdc2ab67c
commit
bbf06d8ae3
2 changed files with 32 additions and 14 deletions
32
.github/SECURITY.md
vendored
Normal file
32
.github/SECURITY.md
vendored
Normal file
|
@ -0,0 +1,32 @@
|
|||
# Security Policy
|
||||
|
||||
**⚠️ Please do not file public GitHub issues for security
|
||||
vulnerabilities as they are open for everyone to see! ⚠️**
|
||||
|
||||
We encourage responsible disclosure practices for security
|
||||
vulnerabilities.
|
||||
|
||||
|
||||
## Supported Versions
|
||||
|
||||
Always update to the latest version of
|
||||
this Action to keep up with security patches.
|
||||
|
||||
|
||||
## Reporting a Vulnerability
|
||||
|
||||
If you believe you've found a security-related bug, we
|
||||
prefer that you fill out a [vulnerability report on GitHub]
|
||||
directly.
|
||||
|
||||
[vulnerability report on GitHub]:
|
||||
/pypa/gh-action-pypi-publish/security/advisories/new
|
||||
|
||||
|
||||
## Don't have a GitHub account?
|
||||
|
||||
Alternatively, drop an email to
|
||||
``wk+gh-action-pypi-publish-security`` at ``sydorenko`` dot
|
||||
``org`` dot ``ua`` instead of filing a ticket or posting to
|
||||
_any_ public groups. We will try to assess the problem in
|
||||
timely manner and disclose it in a responsible way.
|
14
.github/SECURITY.rst
vendored
14
.github/SECURITY.rst
vendored
|
@ -1,14 +0,0 @@
|
|||
Security Policy
|
||||
---------------
|
||||
|
||||
Supported Versions
|
||||
==================
|
||||
|
||||
Always update to the latest version of
|
||||
this Action to keep up with security patches.
|
||||
|
||||
Reporting a Vulnerability
|
||||
=========================
|
||||
|
||||
Email to ``wk+gh-action-pypi-publish-security``
|
||||
at ``sydorenko`` dot ``org`` dot ``ua``.
|
Loading…
Reference in a new issue