From 5488f83299e13157598761b93dbe42973278135e Mon Sep 17 00:00:00 2001 From: Feross Aboukhadijeh Date: Tue, 13 Aug 2019 14:49:27 -0700 Subject: [PATCH] move templates to .github folder --- .../ISSUE_TEMPLATE}/BUG_REPORT.md | 2 +- .../ISSUE_TEMPLATE}/FEATURE_REQUEST.md | 2 +- .../ISSUE_TEMPLATE}/SECURITY.md | 2 +- SECURITY.md | 42 +++++++++++++++++++ 4 files changed, 45 insertions(+), 3 deletions(-) rename {ISSUE_TEMPLATE => .github/ISSUE_TEMPLATE}/BUG_REPORT.md (92%) rename {ISSUE_TEMPLATE => .github/ISSUE_TEMPLATE}/FEATURE_REQUEST.md (91%) rename {ISSUE_TEMPLATE => .github/ISSUE_TEMPLATE}/SECURITY.md (94%) create mode 100644 SECURITY.md diff --git a/ISSUE_TEMPLATE/BUG_REPORT.md b/.github/ISSUE_TEMPLATE/BUG_REPORT.md similarity index 92% rename from ISSUE_TEMPLATE/BUG_REPORT.md rename to .github/ISSUE_TEMPLATE/BUG_REPORT.md index e1cd971..9e138e2 100644 --- a/ISSUE_TEMPLATE/BUG_REPORT.md +++ b/.github/ISSUE_TEMPLATE/BUG_REPORT.md @@ -1,5 +1,5 @@ --- -name: "🐞 Bug report" +name: "Bug report" about: Report an issue with this package title: '' labels: '' diff --git a/ISSUE_TEMPLATE/FEATURE_REQUEST.md b/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md similarity index 91% rename from ISSUE_TEMPLATE/FEATURE_REQUEST.md rename to .github/ISSUE_TEMPLATE/FEATURE_REQUEST.md index 4545f7b..42194ea 100644 --- a/ISSUE_TEMPLATE/FEATURE_REQUEST.md +++ b/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md @@ -1,5 +1,5 @@ --- -name: "🚀 Feature request" +name: "Feature request" about: Request a new feature to be added title: '' labels: '' diff --git a/ISSUE_TEMPLATE/SECURITY.md b/.github/ISSUE_TEMPLATE/SECURITY.md similarity index 94% rename from ISSUE_TEMPLATE/SECURITY.md rename to .github/ISSUE_TEMPLATE/SECURITY.md index 0c5267c..7e4e695 100644 --- a/ISSUE_TEMPLATE/SECURITY.md +++ b/.github/ISSUE_TEMPLATE/SECURITY.md @@ -1,5 +1,5 @@ --- -name: "⛔ Security issue" +name: "Security issue" about: Please file security issues at https://github.com/standard/standard/blob/master/SECURITY.md title: '' labels: '' diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..f519ab7 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,42 @@ +# Security Policies and Procedures + +This document outlines security procedures and general policies for the `standard` +project. + + * [Reporting a Bug](#reporting-a-bug) + * [Disclosure Policy](#disclosure-policy) + * [Comments on this Policy](#comments-on-this-policy) + +## Reporting a Bug + +The `standard` team and community take all security bugs in `standard` seriously. +Thank you for improving the security of `standard`. We appreciate your efforts and +responsible disclosure and will make every effort to acknowledge your +contributions. + +Report security bugs by emailing the lead maintainer at feross@feross.org. + +The lead maintainer will acknowledge your email within 48 hours, and will send a +more detailed response within 48 hours indicating the next steps in handling +your report. After the initial reply to your report, the security team will +endeavor to keep you informed of the progress towards a fix and full +announcement, and may ask for additional information or guidance. + +Report security bugs in third-party modules to the person or team maintaining +the module. + +## Disclosure Policy + +When the security team receives a security bug report, they will assign it to a +primary handler. This person will coordinate the fix and release process, +involving the following steps: + + * Confirm the problem and determine the affected versions. + * Audit code to find any potential similar problems. + * Prepare fixes for all releases still under maintenance. These fixes will be + released as fast as possible to npm. + +## Comments on this Policy + +If you have suggestions on how this process could be improved please submit a +pull request.