Skip to content

Commit 9c8b461

Browse files
committed
docs: update security.md
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
1 parent b3b03d3 commit 9c8b461

File tree

1 file changed

+18
-2
lines changed

1 file changed

+18
-2
lines changed

SECURITY.md

Lines changed: 18 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,11 +4,27 @@
44

55
Only the last stable version at any given point.
66

7+
## Response Timeline
8+
9+
We aim to acknowledge vulnerability reports within 3 business days.
10+
Resolution or assessment is typically provided within 30 days.
11+
12+
## Scope
13+
14+
We address vulnerabilities that could compromise the confidentiality, integrity,
15+
or availability of GoReleaser or its users.
16+
17+
## Credit
18+
19+
We are happy to publicly acknowledge reporters in release notes, unless
20+
anonymity is requested.
21+
722
## Reporting a Vulnerability
823

924
Vulnerabilities can be disclosed in private using
10-
[GitHub advisories](https://github.com/goreleaser/goreleaser-pro/security).
25+
[GitHub advisories](https://github.com/goreleaser/goreleaser-pro/security/policy).
1126

12-
For GoReleaser OSS, please see https://github.com/goreleaser/goreleaser/blob/main/SECURITY.md.
27+
For issues common with GoReleaser OSS, please refer to
28+
[this instead](https://github.com/goreleaser/goreleaser/security/policy).
1329

1430
Thanks!

0 commit comments

Comments
 (0)