Details
Task
Status: Closed
Trivial
Resolution: Fixed
Description
Hi!
I'd like to know if you have considered using a SECURITY.md to store (or redirect to) your Security Policy file, as it's usually GitHub's standard. I see that MariaDB/server already defines a complete Security Policy on its website, and it's well documented on your [README](https://github.com/MariaDB/server#bug-reports). My suggestion would be to also use the SECURITY.md file to redirect to your website.
With this change, the instructions on how to report a vulnerability would be easily found in the [Security Dashboard](https://github.com/diogoteles08/mariadb-server/security) and in the about section of the project, as seen in the picture sent as an attachment.
Optionally, we can also edit the README file to mention the security policy in GitHub and avoid the duplication of links to MariaDB's website ([example](https://github.com/diogoteles08/mariadb-server/blob/11.1/README.md#bug-reports)).
I've made the changes in this fork https://github.com/diogoteles08/mariadb-server if you want to take a closer look. Let me know if a PR is welcome and I'll submit it ASAP.
Thanks!