Skip to content

Add SECURITY.md #12980

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
Fenrirthviti wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add SECURITY.md #12980

Fenrirthviti wants to merge 1 commit into from
+70 −0

Conversation

@Fenrirthviti
Copy link
Member

@Fenrirthviti Fenrirthviti commented Jan 2, 2026

Description

Add a SECURITY.md template to the repo that follows what we're actually accepting security requests on. Currently, this only includes RCEs, but may be updated before merge or at a later date to include others.

Motivation and Context

Tired of the low-effort and LLM-generated PRs to try and add one.

How Has This Been Tested?

👁️

Types of changes

  • Documentation (a change to documentation pages)

Checklist:

  • My code has been run through clang-format.
  • I have read the contributing document.
  • My code is not on the master branch.
  • The code has been tested.
  • All commit messages are properly formatted and commits squashed where appropriate.
  • I have included updates to all appropriate documentation.

PatTheMav
PatTheMav reviewed Jan 14, 2026
View reviewed changes
@Fenrirthviti
Copy link
Member Author

Fenrirthviti commented Jan 14, 2026

Fixed a few other typos, and updated the resolution time to 120 days to more closely align with our release cadence.

@namoen0301
Copy link

namoen0301 commented Jan 28, 2026
edited
Loading

please add a PGP public key, Some security researchers submit their vulnerability report after encrypting with PGP.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PatTheMav PatTheMav PatTheMav left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Fenrirthviti @namoen0301 @PatTheMav