Create SECURITY.md

r4gus · Sep 5, 2023 · 5cbddef · 5cbddef
1 parent 3db8355
commit 5cbddef
Showing 1 changed file with 27 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,27 @@
+# Security Policy
+
+We take the security of this library and its component seriously. If you believe you have found a
+security vulnerability please report it as described below.
+
+## Supported Versions
+
+| Version | Supported          |
+| ------- | ------------------ |
+| master  | :white_check_mark: |
+| 0.x.y-alpha   | :x: |
+
+## Reporting a Vulnerability
+
+This library is still alpha and vulnerabilities are considered bugs. You can report vulnerabilities by creating a 
+[issue](https://github.com/r4gus/scallop/issues/new) and answering the following questions:
+
+1. Type of issue (e.g. buffer overflow)
+2. Related source files(s)
+3. Branch/tag thats affected by the vulnerability
+4. Any special configuration required to reproduce the issue
+5. Step-by-step instructions to reproduce the issue
+6. Proof-of-concept or exploit code (if possible)
+7. Impact of the issue, including how an attacker might exploit the issue
+
+You can also create a fix yourself and open a pull request. Just remember to answer
+the questions above so we can unterstand the reason for the pull request.