Add security.md (#3190)

* Create SECURITY.md

Add a security disclosure policty document

(cherry picked from commit 35b7d51cf2)

* Adds desired target for resolution

(cherry picked from commit 828163848a)
This commit is contained in:
Oliver 2022-06-14 08:09:51 +10:00 committed by GitHub
parent 8b464e4397
commit 0a0d151f15
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

17
SECURITY.md Normal file
View File

@ -0,0 +1,17 @@
# Security Policy
The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software.
We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions.
## Reporting a Vulnerability
Please report security vulnerabilities by emailing the InvenTree team at:
```
security@inventree.org
```
Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report.
The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches. Where possible, the issue will be resolved within 90 dates of reporting.