|Re: [eclipse.org-architecture-council] Security policy for GitHub projects|
_______________________________________________Hi everyone,I just noticed that GitHub now has some kind of "security policy tool", which also allows you to write security advisories. It looks like the first step you can take, is to provide a simple "SECURITY.md" file, which explains your policy in the repository.I think it makes sense, to provide a template for Eclipse projects, which redirects users to https://eclipse.org/security, and make it mandatory for Eclipse projects on GitHub to have such a file. The same way we have a "CONTRIBUTING.md" file.What do you think?CheersJens
Principal Software Engineer / EMEA ENG Middleware
phone: +49 89 2050 71286
Red Hat GmbH, www.de.redhat.com,
Registered seat: Grasbrunn, Commercial register: Amtsgericht Muenchen, HRB 153243,
Managing Directors: Paul Argiry, Charles Cachera, Tom Savage, Michael O'Neill
eclipse.org-architecture-council mailing list
IMPORTANT: Membership in this list is generated by processes internal to the Eclipse Foundation. To be permanently removed from this list, you must contact emo@xxxxxxxxxxx to request removal.
Director of Open Source Projects | Eclipse Foundation, Inc.
Back to the top