Add Security Policy #368

Closed
opened 2026-01-29 20:42:47 +00:00 by claunia · 0 comments
Owner

Originally created by @rojkov on GitHub (Feb 5, 2021).

To ease adoption of Brotli in projects with formal new dependency policies like Envoy it would be beneficial to have an explicit security policy in SECURITY.md with contact details and reporting/disclosure process.

Lack of a policy implies security bugs are open zero days

Originally created by @rojkov on GitHub (Feb 5, 2021). To ease adoption of Brotli in projects with formal new dependency policies like [Envoy](https://github.com/envoyproxy/envoy/blob/main/DEPENDENCY_POLICY.md#new-external-dependencies) it would be beneficial to have an explicit security policy in `SECURITY.md` with contact details and reporting/disclosure process. Lack of a policy implies security bugs are open zero days
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/brotli#368