Security Policy #1832
Description
It is highly recommended to define a comprehensive security policy (SECURITY.md) in the root directory. This policy should include guidelines for vulnerability reporting and vulnerability publishment.
You can do it in the Security page which will give you a template file, just put some key informations(such as Email address or Vulnerabilities submission link) in the SECURITY.md and commit it.
For detailed information on these checks, you can refer to the OpenSSF Scorecard documentation
I believe that addressing these security improvements will strengthen our project's security posture. What are your thoughts on implementing these changes?