Skip to content

Commit 2d8fd2b

Browse files
committed
feat: add SECURITY.md with vulnerability disclosure policy
1 parent 4a68c86 commit 2d8fd2b

1 file changed

Lines changed: 8 additions & 13 deletions

File tree

SECURITY.md

Lines changed: 8 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,21 +1,16 @@
11
# Security Policy
22

3-
If you find a security vulnerability in any Commit Check project, please report it privately.
4-
53
## Reporting a Vulnerability
64

7-
**Do not open a public GitHub issue.** Instead, send an email to:
8-
9-
**[xianpeng.shen@gmail.com](mailto:xianpeng.shen@gmail.com)**
10-
11-
Please include:
12-
13-
- Which project and version is affected
14-
- A description of the issue and its impact
15-
- Steps to reproduce (or a proof of concept)
5+
If you discover a security vulnerability, please **do not** open a public
6+
issue. Instead, report it privately via
7+
[GitHub's private vulnerability reporting](https://github.com/commit-check/REPO/security/advisories/new)
8+
on the affected repository (replace `REPO` with the actual repository name:
9+
`commit-check`, `commit-check-action`, `commit-check-mcp`).
1610

17-
You will receive an acknowledgment within 48 hours, followed by a plan for resolution.
11+
We'll respond as quickly as possible and keep you updated throughout the
12+
process.
1813

1914
## Supported Versions
2015

21-
Only the latest release of each project receives security patches. Please keep your dependencies up to date.
16+
Only the latest release of each project receives security patches.

0 commit comments

Comments
 (0)