Skip to content

Please add a security policy #718

Description

@robrwo

Please add a SECURITY or SECURITY.md file to the distribution and software repository that explains how to report a security vulnerability.

CPANSec has a guide for adding a security policy [1] and also links to software to generate security policies when you rebuild a distribution for release.

You can enable private vulnerability reporting in your GitHub repository [2]. This allows people to create private issues for security vulnerabilities, and lets your collaborators work on private forks.

[1] https://security.metacpan.org/docs/guides/security-policy-for-authors.html

[2] https://docs.github.com/en/code-security/security-advisories/working-with-repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository

Note: this issue is part of a project by CPANSec to encourage popular CPAN distributions to add a security policy.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions