From 35b7d51cf20b2e80ddbb7a337e8ab472a6f36300 Mon Sep 17 00:00:00 2001 From: Oliver Date: Mon, 13 Jun 2022 12:29:28 +1000 Subject: [PATCH] Create SECURITY.md Add a security disclosure policty document --- SECURITY.md | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000000..c8d59365ef --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,16 @@ +# Security Policy + +The InvenTree team take all security vulnerabilities seriously. Thank you for improving the security of our open source software. +We appreciate your efforts and responsible disclosure and will make every effort to acknowledge your contributions. + +## Reporting a Vulnerability + +Please report security vulnerabilities by emailing the InvenTree team at: + +``` +security@inventree.org +``` + +Someone from the InvenTree development team will acknowledge your email as soon as possible, and indicate the next steps in handling your security report. + +The team will endeavour to keep you informed of the progress towards a fix for the issue, and subsequent release to the stable and development code branches.