•  
      request #14950 Add a security policy (aka SECURITY.md) at the root of the sources
    Infos
    #14950
    Thomas Gerbet (tgerbet)
    2020-06-05 15:21
    2020-06-04 16:54
    15902
    Details
    Add a security policy (aka SECURITY.md) at the root of the sources
    The security policy for the Tuleap project is currently defined on the tuleap.org website (https://www.tuleap.org/security/) which is essential but:
    * the sources of Tuleap are replicated in multiple locations, finding how to report a security issue should be easy whatever the location
    * having this document in the Tuleap repository means it can be easily used as a base for other Tuleap sub-projects/tools.
    * since the migration of tuleap.org to a CMS the content of the security policy is no more versioned (at least not in a way that is usable) which makes hard to track and follow changes over time
    * my confidence in the management of the CMS is not very high and ultimately this document should be peer-reviewed
    Other
    Empty
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2020-06-05
    Attachments
    Empty
    References

    Follow-ups