Skip to content

Create SECURITY.md #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rakibulhaq merged 1 commit into from
Jun 29, 2025
Merged

Create SECURITY.md #5

rakibulhaq merged 1 commit into from
Jun 29, 2025

Conversation

@rakibulhaq
Copy link
Owner

@rakibulhaq rakibulhaq commented Jun 29, 2025

No description provided.

Copilot AI review requested due to automatic review settings June 29, 2025 14:03
@rakibulhaq rakibulhaq merged commit a1367a7 into main Jun 29, 2025
2 checks passed
Copilot AI reviewed Jun 29, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

Adds a new SECURITY.md file defining supported versions and instructions for privately reporting security vulnerabilities.

  • Defines a table of supported release lines.
  • Provides an email address and process for confidential vulnerability disclosure.

SECURITY.md

If you discover a security vulnerability, please do **not** open an issue or discuss it publicly.

Instead, report it privately by emailing **[email protected]**.
Copy link

Copilot AI Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider using a dedicated security contact (e.g., [email protected]) instead of a personal address to centralize reports and avoid exposing personal emails.

Suggested change
Instead, report it privately by emailing **haq.rakibul@gmail.com**.
Instead, report it privately by emailing **security@yourdomain.com**.

Copilot uses AI. Check for mistakes.
SECURITY.md
Comment on lines +14 to +15
Include as much detail as possible to help us quickly resolve the issue.

Copy link

Copilot AI Jun 29, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a PGP/GPG key fingerprint or instructions for encrypting emails to ensure vulnerability reports remain confidential in transit.

Suggested change
Include as much detail as possible to help us quickly resolve the issue.
To ensure confidentiality, please encrypt your email using the following PGP key:
**PGP Key Fingerprint:** `3F2C 4A1B 5D6E 7F8G 9H0I J1K2 L3M4 N5O6 P7Q8 R9S0`
You can download the full PGP public key from [this link](https://example.com/pgp-key.asc).
To encrypt your email, use a PGP-compatible email client or tool. Include as much detail as possible to help us quickly resolve the issue.

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rakibulhaq