argocd-interlace icon indicating copy to clipboard operation
argocd-interlace copied to clipboard

Published 20 hours ago verified publisher icon argoproj-labs

Add SECURITY.md

Open jessesuen opened this issue 2 years ago • 2 comments

The Argo maintainers recently agreed to require all Argoproj Labs project repositories to contain a SECURITY.md file which documents:

  • Contact information for reporting security vulnerabilities
  • Some minimal information about policies, practices, with possibly links to further documentation with more details

This will help direct vulnerability reporting to the right parties which can fix the issue.

You are free to use the following as examples/templates:

Also, please note that in the future we are exploring a requirement that argoproj-labs projects perform a CII self-assessment to better inform its users about which security best practices are being followed.

jessesuen avatar Mar 22 '22 18:03 jessesuen

Just bumping this one up. Could maintainers please take care to add a security policy to this repo?

Thanks!

jannfis avatar Jun 03 '22 20:06 jannfis

Hi @jessesuen @jannfis, we added SECURITY.md with the PR https://github.com/argoproj-labs/argocd-interlace/pull/23. Thank you.

hirokuni-kitahara avatar Jun 09 '22 00:06 hirokuni-kitahara