Skip to content

Commit 3f942c1

Browse files
committed
Portfolio polish: add security policy and showcase readiness notes
1 parent 23cfcdc commit 3f942c1

1 file changed

Lines changed: 29 additions & 0 deletions

File tree

SECURITY.md

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
# Security Policy
2+
3+
## Supported Versions
4+
5+
The `main` branch is actively maintained.
6+
7+
## Reporting a Vulnerability
8+
9+
Please report vulnerabilities privately and responsibly.
10+
11+
- Preferred: open a private security advisory on GitHub.
12+
- Alternative: open an issue marked `security` without disclosing exploit details.
13+
14+
Please include:
15+
16+
- affected repository and version/commit
17+
- reproduction steps
18+
- impact assessment
19+
- suggested remediation, if known
20+
21+
## Response Targets
22+
23+
- Initial acknowledgement: within 3 business days
24+
- Triage decision: within 7 business days
25+
- Remediation timeline: based on severity and exploitability
26+
27+
## Disclosure
28+
29+
Coordinated disclosure is preferred. Public disclosure is encouraged after a fix is available.

0 commit comments

Comments
 (0)