Add a security policy (SECURITY.md) for this repo #13
Comments
|
@CAM-Gerlach - Sounds like a good idea - please go ahead and create a PR |
|
@goneall So I looked at it in more detail, and most of what we'd say there (who to contact, when to expect updates, if anything is offered in return, etc) would be something for the primary maintainer (you) and the SPDX org to decide, so not sure how much I'm actually qualified to draft after all, sorry, as opposed to you. Its pretty simple and the supported versions table needn't be included, only that the latest API content and the We might also want to wait on this for #10 to get resolved; not much point to do this if the API isn't going to be supported long-term or hosted under another org with different policies. |
|
@CAM-Gerlach I'll look into it after #10 is resolve per suggestion. |
Adding a security policy might be a good idea given the code both consumes and exposes web-facing data, and GitHub makes it easy to do. @goneall , if SPDX already has something of this sort, that would be preferable; otherwise I can draft something based on the standard template and go ahead with a PR so you can review it.
The text was updated successfully, but these errors were encountered: