mirror of
https://gitcode.com/gh_mirrors/gh/gh-action-pypi-publish.git
synced 2026-07-02 18:27:49 +00:00
Migrate security doc from RST to Markdown
RST files are no longer correctly recognized by GitHub.
This commit is contained in:
@@ -0,0 +1,32 @@
|
|||||||
|
# Security Policy
|
||||||
|
|
||||||
|
**⚠️ Please do not file public GitHub issues for security
|
||||||
|
vulnerabilities as they are open for everyone to see! ⚠️**
|
||||||
|
|
||||||
|
We encourage responsible disclosure practices for security
|
||||||
|
vulnerabilities.
|
||||||
|
|
||||||
|
|
||||||
|
## Supported Versions
|
||||||
|
|
||||||
|
Always update to the latest version of
|
||||||
|
this Action to keep up with security patches.
|
||||||
|
|
||||||
|
|
||||||
|
## Reporting a Vulnerability
|
||||||
|
|
||||||
|
If you believe you've found a security-related bug, we
|
||||||
|
prefer that you fill out a [vulnerability report on GitHub]
|
||||||
|
directly.
|
||||||
|
|
||||||
|
[vulnerability report on GitHub]:
|
||||||
|
/pypa/gh-action-pypi-publish/security/advisories/new
|
||||||
|
|
||||||
|
|
||||||
|
## Don't have a GitHub account?
|
||||||
|
|
||||||
|
Alternatively, drop an email to
|
||||||
|
``wk+gh-action-pypi-publish-security`` at ``sydorenko`` dot
|
||||||
|
``org`` dot ``ua`` instead of filing a ticket or posting to
|
||||||
|
_any_ public groups. We will try to assess the problem in
|
||||||
|
timely manner and disclose it in a responsible way.
|
||||||
@@ -1,14 +0,0 @@
|
|||||||
Security Policy
|
|
||||||
---------------
|
|
||||||
|
|
||||||
Supported Versions
|
|
||||||
==================
|
|
||||||
|
|
||||||
Always update to the latest version of
|
|
||||||
this Action to keep up with security patches.
|
|
||||||
|
|
||||||
Reporting a Vulnerability
|
|
||||||
=========================
|
|
||||||
|
|
||||||
Email to ``wk+gh-action-pypi-publish-security``
|
|
||||||
at ``sydorenko`` dot ``org`` dot ``ua``.
|
|
||||||
Reference in New Issue
Block a user