Skip to content

/ .github

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create SECURITY.md #3

Merged
merged 1 commit into from Nov 7, 2019
Merged

Create SECURITY.md #3

merged 1 commit into from Nov 7, 2019

Conversation

@jhutchings1
Copy link
Contributor

jhutchings1 commented Oct 16, 2019

Creating an org-wide security policy based upon the Bug Bounty program definition. This will show up in any public repositories in the github organization.
@jhutchings1
Create SECURITY.md
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
1fc0fbb 
Creating an org-wide security policy based upon the Bug Bounty program definition.
@benbalter
benbalter approved these changes Oct 16, 2019
View changes
@shawndavenport
Copy link
Member

shawndavenport commented Oct 16, 2019

This will show up in any public repositories in the github organization.

Does that exclude forks?

/cc @github/appsec
@forced-request
Copy link

forced-request commented Oct 17, 2019

This will show up in any public repositories in the github organization.

Does that exclude forks?

/cc @github/appsec

@shawndavenport correct.

  • If a user forks a GitHub repo the org-wide policies are not included.
  • If we fork into the GitHub org, then the org-wide policies are then included.
@philipturnbull
philipturnbull approved these changes Oct 17, 2019
View changes
Copy link
Member

philipturnbull left a comment

Looks like a great start 👍 I will follow up next week with a separate PR to clarify some points around forked repos, archived repos, scope, etc
@jhutchings1
Copy link
Contributor Author

jhutchings1 commented Nov 7, 2019

Does anyone with write access want to merge this? I don't have permissions.
@philipturnbull philipturnbull merged commit c06e6c1 into github:master Nov 7, 2019
@jhutchings1 jhutchings1 deleted the jhutchings1:patch-1 branch Nov 7, 2019
kayger44 added a commit to kayger44/.github that referenced this pull request Apr 25, 2020
@kayger44
Merge pull request github#3 from jhutchings1/patch-1
3a53be8 
Create SECURITY.md
@createdbyhim63
Copy link

createdbyhim63 commented Jun 23, 2020

Pull requests
@createdbyhim63

This comment has been minimized.

Sign in to view
Copy link

createdbyhim63 commented on 1fc0fbb Jun 23, 2020

#3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@philipturnbull philipturnbull

@benbalter benbalter

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

6 participants
@jhutchings1 @shawndavenport @forced-request @createdbyhim63 @philipturnbull @benbalter
You can’t perform that action at this time.