[wp-trac] [WordPress Trac] #47368: Introduce a SECURTY.md file
WordPress Trac
noreply at wordpress.org
Fri May 24 00:07:11 UTC 2019
#47368: Introduce a SECURTY.md file
-------------------------+-----------------------------
Reporter: desrosj | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version:
Severity: minor | Keywords: 2nd-opinion
Focuses: |
-------------------------+-----------------------------
In May, [https://github.blog/changelog/2019-05-23-security-policy/ GitHub
added support] for a `SECURITY.md` file. This allows a project to define
it's security policy advising users about how and when to report security
vulnerabilities to the repository maintainers.
When the file is present, a Security tab is added to the repository to
display this file.
Adding a `SECURITY.md` file could help encourage users utilizing the
[https://github.com/wordpress/wordpress-develop official GitHub mirror] to
report sensitive security related issues responsibly through the proper
channels.
I think a brief summary of the project's reporting methodology
(responsible, private disclosures) linking to the
[https://wordpress.org/about/security/ WordPress.org Security page] would
be sufficient.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/47368>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list