chore: add security policy and restrict workflow permissions

lkstrp · lkstrp · commit f28976547301 · 2026-03-12T13:57:20.000+01:00
diff --git a/.github/workflows/push-image.yaml b/.github/workflows/push-image.yaml
@@ -8,6 +8,8 @@ on:
     - "v*"
   workflow_dispatch:
 
+permissions: {}
+
 env:
   REGISTRY: ghcr.io
   FULL_IMAGE_NAME: ghcr.io/pypsa/pypsa-app
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,3 @@
+# Security Policy
+
+To report a security vulnerability, please email security@pypsa.org.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+# Security Policy`
	`2`	`+`
	`3`	`+To report a security vulnerability, please email security@pypsa.org.`