Skip to content

Commit 0c3fbb0

Browse files
hyunhee-joclaude
hyunhee-jo
and
claude
authored
chore: add SECURITY.md, CODEOWNERS, and .editorconfig (#6)
chore: add SECURITY.md, CODEOWNERS, and .editorconfig Objective: The repository lacks basic governance files for security reporting, automatic PR reviewer assignment, and editor consistency. Approach: Add three minimal governance files aligned with the upstream opendataloader-pdf repository — SECURITY.md with a private email channel, CODEOWNERS with docs/code ownership split (last-match-wins precedence applied correctly), and .editorconfig for cross-editor consistency. Evidence: Documentation and configuration files only — no runtime behavior change. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 2687979 commit 0c3fbb0

3 files changed

Lines changed: 36 additions & 0 deletions

File tree

.editorconfig

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
root = true
2+
3+
[*]
4+
charset = utf-8
5+
indent_style = space
6+
indent_size = 4
7+
end_of_line = lf
8+
insert_final_newline = true
9+
trim_trailing_whitespace = true
10+
11+
[*.md]
12+
trim_trailing_whitespace = false

.github/CODEOWNERS

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# Default owners for everything in the repository
2+
* @hyunhee-jo @bundolee @hnc-jglee
3+
4+
# Docs owners (must come after default to take precedence — last-match-wins)
5+
*.md @suji-cho

.github/SECURITY.md

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
# Security Policy
2+
3+
## Reporting a Vulnerability
4+
5+
If you think you've identified a security issue in this repository, please **do not** report the issue publicly via the GitHub issue tracker or any other public channel.
6+
7+
Instead, send an email to [open.dataloader@hancom.com](mailto:open.dataloader@hancom.com) with as many details as possible. This is a private mailing list for the maintainers team.
8+
9+
### Security Vulnerability Response
10+
11+
Each report is acknowledged and analyzed by the core maintainers within 3 working days.
12+
13+
Any vulnerability information shared with core maintainers stays within the project and will not be disseminated to other projects unless it is necessary to get the issue fixed.
14+
15+
After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
16+
17+
## Security Alerts
18+
19+
We will send announcements of security vulnerabilities and steps to remediate on the project announcements.

0 commit comments

Comments
 (0)