From 3cb1c8f0cd9c48e2cefe79dab3a28979b67a7052 Mon Sep 17 00:00:00 2001 From: "Dan O. Williams" <11464021+thisisdano@users.noreply.github.com> Date: Fri, 15 Nov 2024 09:37:38 -0800 Subject: [PATCH] Create SECURITY.md --- SECURITY.md | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..4b05cc6 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,28 @@ +# Security Policy + +As a U.S. Government agency, the General Services Administration (GSA) takes +seriously our responsibility to protect the public's information, including +financial and personal information, from unwarranted disclosure. + +Software developed by the U.S. General Services Administration (GSA) +is subject to the [GSA Vulnerability Disclosure Policy](https://gsa.gov/vulnerability-disclosure-policy). + +Please consult our policy for: +* How to submit a report if you believe you have discovered a vulnerability. +* GSA's coordinated disclosure policy. +* Information on how you may conduct security research on GSA developed + software and systems. +* Important legal and policy guidelines. + +## Supported Versions + +Please note that only certain branches are supported with security updates. + +| Version (Branch) | Supported | +| ---------------- | ------------------ | +| main | :white_check_mark: | +| develop | :white_check_mark: | +| other | :x: | + +When using this code or reporting vulnerabilities please only use supported +versions.