[SLING-10676] Add a SECURITY.MD file to all our Git repositories - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: Documentation
Labels:
None

Description

We should add https://github.com/apache/.github/blob/main/.github/SECURITY.md to all our repositories (but linking to [1]), as per https://twitter.com/iamamoose/status/1417104695626240001:

All Apache projects follow the default ASF security policy; but not all have a github SECURITY․md file, and they get penalised, i.e. with lower #openssf scorecard scores (http://metrics.openssf.org)

Tentatively assigning to myself but if someone beats me to it I'd be happy!

[1] https://sling.apache.org/project-information/security.html

Attachments

Activity

People

Assignee:: Bertrand Delacretaz

Reporter:: Bertrand Delacretaz

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 27/Jul/21 15:57

Updated:: 30/Jul/21 10:23

Resolved:: 28/Jul/21 15:05