Skip to content

Add security policy #395

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add security policy #395

wants to merge 3 commits into from
+103 −0

Conversation

mikkoi
Copy link

@mikkoi mikkoi commented Oct 4, 2025
edited
Loading

Issue #391

@mikkoi mikkoi mentioned this pull request Oct 4, 2025
Open
@oalders
Copy link
Member

oalders commented Oct 5, 2025

We should probably check with @petdance about being the security contact. Not sure if that conversation happened somewhere else?

@mikkoi
Copy link
Author

mikkoi commented Oct 5, 2025

Another possibility would be to harness GitHub's new Private vulnerability reporting in Security (tab).

@petdance
Copy link
Contributor

petdance commented Oct 5, 2025

Heavens, no, I shouldn't be a contact for anything.

@oalders
Copy link
Member

oalders commented Oct 6, 2025

Another possibility would be to harness GitHub's new Private vulnerability reporting in Security (tab).

Oh, I did not know about this. I've enabled it for this repo. Can we amend the document to reflect this?

@mikkoi
Copy link
Author

mikkoi commented Oct 6, 2025

Oh, I did not know about this. I've enabled it for this repo. Can we amend the document to reflect this?

Will do!

@mikkoi
For security contact, replace private email
dba3040 
... by GitHub's Report a vulnerability submission form
@mikkoi
Copy link
Author

mikkoi commented Oct 8, 2025

Done.

@mikkoi
Copy link
Author

mikkoi commented Oct 8, 2025

Shall we add a similar SECURITY.md to LWP::UserAgent?

@Copilot Copilot AI mentioned this pull request Oct 8, 2025
Closed
@oalders
Copy link
Member

oalders commented Oct 8, 2025

Shall we add a similar SECURITY.md to LWP::UserAgent?

Please

oalders
oalders reviewed Oct 8, 2025
View reviewed changes
Copy link
Member

@oalders oalders left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are some proposed changes in #398. Could you review those? I don't know why it didn't just comment on this PR. Maybe I don't know how to invoke copilot correctly.

@mikkoi
Copy link
Author

mikkoi commented Oct 8, 2025

I would say Copilot did a good job. It noticed spelling errors and the wrong branch name.
I applied the fixes over the original.

@oalders
Copy link
Member

oalders commented Oct 9, 2025

It looks like I should have requested a review from copilot under the "Reviewers" section.

oalders
oalders approved these changes Oct 9, 2025
View reviewed changes
Copy link
Member

@oalders oalders left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks, @mikkoi!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@oalders oalders oalders approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mikkoi @oalders @petdance