Skip to content

Add SECURITY.md vulnerability reporting policy#420

Open
kallal79 wants to merge 1 commit intorubysec:masterfrom
kallal79:issue-309-security-policy-clean
Open

Add SECURITY.md vulnerability reporting policy#420
kallal79 wants to merge 1 commit intorubysec:masterfrom
kallal79:issue-309-security-policy-clean

Conversation

@kallal79
Copy link
Copy Markdown

@kallal79 kallal79 commented Apr 3, 2026

Implement issue #309 by adding a dedicated security policy for bundler-audit.

Changes:

  • Add SECURITY.md with private vulnerability reporting instructions.

  • Document email reporting channel and disclosure expectations.

  • Add spec/security_policy_spec.rb to verify policy file presence and core guidance.

This commit intentionally contains only security-policy related files.

@kallal79
Add SECURITY.md vulnerability reporting policy
504db8f 
Implement issue rubysec#309 by adding a dedicated security policy for bundler-audit.

Changes:

- Add SECURITY.md with private vulnerability reporting instructions.

- Document email reporting channel and disclosure expectations.

- Add spec/security_policy_spec.rb to verify policy file presence and core guidance.

This commit intentionally contains only security-policy related files.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kallal79